9378 matches found

Tenable Nessus
added 2025/04/29 12:0 a.m., 11 views

Amazon Linux 2 : docker (ALASNITRO-ENCLAVES-2025-059)

The version of docker installed on the remote host is prior to 20.10.17-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2NITRO-ENCLAVES-2025-059 advisory. In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2...

CVSS: 7.5, AI score: 7, EPSS: 0.02513
Exploits: 0, References: 4

Tenable Nessus
added 2025/04/29 12:0 a.m., 10 views

Amazon Linux 2023 : valkey, valkey-devel (ALAS2023-2025-949)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-949 advisory. Redis is an open source, in-memory database that persists on disk. In versions starting at 2.6 and prior to 7.4.3, an unauthenticated client can cause unlimited growth of output buffers, until the serve...

CVSS: 7.5, AI score: 7.3, EPSS: 0.00824
Exploits: 0, References: 4

Tenable Nessus
added 2025/04/29 12:0 a.m., 34 views

Amazon Linux 2023 : java-21-amazon-corretto, java-21-amazon-corretto-devel, java-21-amazon-corretto-headless (ALAS2023-2025-952)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-952 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java...

CVSS: 7.4, AI score: 6.5, EPSS: 0.00688
Exploits: 0, References: 8

Amazon
added 2025/04/29 12:0 a.m., 2 views

Important: docker

Issue Overview: The net/http package accepted data in the chunked transfer encoding containing an invalid chunk-size line terminated by a bare LF. When used in conjunction with a server or proxy which incorrectly interprets a bare LF in a chunk extension as part of the extension, this could permi...

CVSS: 9.1, AI score: 6.8, EPSS: 0.00724
Exploits: 0

Amazon
added 2025/04/29 12:0 a.m., 9 views

Important: docker

Issue Overview: The net/http package accepted data in the chunked transfer encoding containing an invalid chunk-size line terminated by a bare LF. When used in conjunction with a server or proxy which incorrectly interprets a bare LF in a chunk extension as part of the extension, this could permi...

CVSS: 9.1, AI score: 6.8, EPSS: 0.00724
Exploits: 0

Amazon
added 2025/04/29 12:0 a.m., 8 views

Important: docker

Issue Overview: The net/http package accepted data in the chunked transfer encoding containing an invalid chunk-size line terminated by a bare LF. When used in conjunction with a server or proxy which incorrectly interprets a bare LF in a chunk extension as part of the extension, this could permi...

CVSS: 9.1, AI score: 7.8, EPSS: 0.00724
Exploits: 0

Amazon
added 2025/04/29 12:0 a.m., 3 views

Important: docker

Issue Overview: The net/http package accepted data in the chunked transfer encoding containing an invalid chunk-size line terminated by a bare LF. When used in conjunction with a server or proxy which incorrectly interprets a bare LF in a chunk extension as part of the extension, this could permi...

CVSS: 9.1, AI score: 6.8, EPSS: 0.00724
Exploits: 0

Tenable Nessus
added 2025/04/29 12:0 a.m., 14 views

Amazon Linux 2023 : redis6, redis6-devel (ALAS2023-2025-950)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-950 advisory. Redis is an open source, in-memory database that persists on disk. In versions starting at 2.6 and prior to 7.4.3, an unauthenticated client can cause unlimited growth of output buffers, until the serve...

CVSS: 7.5, AI score: 7.3, EPSS: 0.00824
Exploits: 0, References: 4

Tenable Nessus
added 2025/04/29 12:0 a.m., 22 views

Amazon Linux 2023 : runfinch-finch (ALAS2023-2025-944)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-944 advisory. golang-jwt is a Go implementation of JSON Web Tokens. Prior to 5.2.2 and 4.5.2, the function parse.ParseUnverified splits via a call to strings.Split its argument which is untrusted data on periods. As a...

CVSS: 7.5, AI score: 7.2, EPSS: 0.00693
Exploits: 0, References: 4

Tenable Nessus
added 2025/04/29 12:0 a.m., 9 views

Amazon Linux 2 : runfinch-finch (ALASDOCKER-2025-057)

The version of runfinch-finch installed on the remote host is prior to 1.7.2-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2DOCKER-2025-057 advisory. golang-jwt is a Go implementation of JSON Web Tokens. Prior to 5.2.2 and 4.5.2, the function parse.ParseUnverified split...

CVSS: 7.5, AI score: 7.3, EPSS: 0.00693
Exploits: 0, References: 4

Tenable Nessus
added 2025/04/29 12:0 a.m., 29 views

Amazon Linux 2023 : libsoup3, libsoup3-devel (ALAS2023-2025-941)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-941 advisory. A flaw was found in libsoup. The package is vulnerable to a heap buffer over-read when sniffing content via the skip_insight_whitespace function. Libsoup clients may read one byte out-of-bounds i...

CVSS: 9, AI score: 6.9, EPSS: 0.00798
Exploits: 1, References: 28

Tenable Nessus
added 2025/04/29 12:0 a.m., 27 views

Amazon Linux 2023 : libsoup, libsoup-devel (ALAS2023-2025-946)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-946 advisory. A flaw was found in libsoup. The package is vulnerable to a heap buffer over-read when sniffing content via the skip_insight_whitespace function. Libsoup clients may read one byte out-of-bounds in respons...

CVSS: 7, AI score: 7.3, EPSS: 0.0067
Exploits: 1, References: 4

Amazon
added 2025/04/29 12:0 a.m., 7 views

Important: libsoup

Issue Overview: A flaw was found in libsoup. The package is vulnerable to a heap buffer over-read when sniffing content via the skip_insight_whitespace function. Libsoup clients may read one byte out-of-bounds in response to a crafted HTTP response by an HTTP server. CVE-2025-2784 Affected Packages...

CVSS: 7, AI score: 9, EPSS: 0.0067
Exploits: 1

Amazon
added 2025/04/29 12:0 a.m., 1 view

Important: libsoup

Issue Overview: A flaw was found in libsoup. The package is vulnerable to a heap buffer over-read when sniffing content via the skip_insight_whitespace function. Libsoup clients may read one byte out-of-bounds in response to a crafted HTTP response by an HTTP server. CVE-2025-2784 Affected Packages...

CVSS: 7, AI score: 6.8, EPSS: 0.0067
Exploits: 1

Tenable Nessus
added 2025/04/29 12:0 a.m., 22 views

Amazon Linux 2 : kernel (ALASKERNEL-5.4-2025-100)

The version of kernel installed on the remote host is prior to 5.4.292-208.414. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.4-2025-100 advisory. In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix use-after-free of encap...

CVSS: 7.8, AI score: 6.6, EPSS: 0.07007
Exploits: 0, References: 46

Tenable Nessus
added 2025/04/29 12:0 a.m., 32 views

Amazon Linux 2 : kernel (ALASKERNEL-5.10-2025-090)

The version of kernel installed on the remote host is prior to 5.10.236-227.928. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.10-2025-090 advisory. In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix use-after-free of enc...

CVSS: 7.8, AI score: 6.7, EPSS: 0.07007
Exploits: 0, References: 76

Tenable Nessus
added 2025/04/29 12:0 a.m., 32 views

Amazon Linux 2 : kernel (ALASKERNEL-5.15-2025-070)

The version of kernel installed on the remote host is prior to 5.15.180-122.191. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.15-2025-070 advisory. In the Linux kernel, the following vulnerability has been resolved: blk-throttle: Set BIO_THROTTLED when...

CVSS: 7.8, AI score: 6.5, EPSS: 0.07007
Exploits: 0, References: 66

Tenable Nessus
added 2025/04/29 12:0 a.m., 22 views

Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2025-947)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-947 advisory. In the Linux kernel, the following vulnerability has been resolved: btrfs: handle errors from btrfs_dec_ref properly CVE-2024-46753 In the Linux kernel, the following vulnerability has been...

CVSS: 7.8, AI score: 6.2, EPSS: 0.07007
Exploits: 0, References: 46

Tenable Nessus
added 2025/04/29 12:0 a.m., 7 views

Amazon Linux 2 : runc (ALASECS-2025-064)

The version of runc installed on the remote host is prior to 1.0.0-0.1.20200204.gitdc9208a. It is, therefore, affected by a vulnerability as referenced in the ALAS2ECS-2025-064 advisory. A flaw was found in runc. An attacker who controls the container image for two containers that share a volume...

CVSS: 7, AI score: 6.9, EPSS: 0.00457
Exploits: 0, References: 4

Tenable Nessus
added 2025/04/29 12:0 a.m., 24 views

Amazon Linux 2023 : bpftool, kernel6.12, kernel6.12-modules-extra (ALAS2023-2025-948)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-948 advisory. In the Linux kernel, the following vulnerability has been resolved: PCI/ASPM: Fix link state exit during switch upstream function removal CVE-2024-58093 In the Linux kernel, the following...

CVSS: 7.8, AI score: 6.2, EPSS: 0.0024
Exploits: 0, References: 78