
9382 matches found

Amazon
added 2025/03/25 12:0 a.m. | 9 views

Medium: batik

Issue Overview: Server-Side Request Forgery (SSRF) vulnerability in Apache Software Foundation Apache XML Graphics Batik. This issue affects Apache XML Graphics Batik: 1.16. On version 1.16, a malicious SVG could trigger loading external resources by default, causing resource consumption or in some...

CVSS 7.1 | AI score 5.7 | EPSS 0.00786 | Exploits 0
Amazon
added 2025/03/25 12:0 a.m. | 10 views

Medium: python-pillow

Issue Overview: Buffer overflow in the ImagingPcdDecode function in PcdDecode.c in Pillow before 3.1.1 and Python Imaging Library (PIL) 1.1.7 and earlier allows remote attackers to cause a denial of service (crash) via a crafted PhotoCD file. CVE-2016-2533 Affected Packages: python-pillow Note: This...

CVSS 6.5 | AI score 6.6 | EPSS 0.03998 | Exploits 0
Amazon
added 2025/03/25 12:0 a.m. | 13 views

Low: python-pip

Issue Overview: The "ipaddress" module contained incorrect information about whether certain IPv4 and IPv6 addresses were designated as "globally reachable" or "private". This affected the is_private and is_global properties of the ipaddress.IPv4Address, ipaddress.IPv4Network, ipaddress.IPv6Address...

CVSS 7.5 | AI score 6.9 | EPSS 0.01034 | Exploits 0
Amazon
added 2025/03/25 12:0 a.m. | 10 views

Low: python-pip

Issue Overview: The "ipaddress" module contained incorrect information about whether certain IPv4 and IPv6 addresses were designated as "globally reachable" or "private". This affected the is_private and is_global properties of the ipaddress.IPv4Address, ipaddress.IPv4Network, ipaddress.IPv6Address...

CVSS 7.5 | AI score 6.9 | EPSS 0.01034 | Exploits 0
Amazon
added 2025/03/25 12:0 a.m. | 9 views

Medium: perl-App-cpanminus

Issue Overview: The App::cpanminus package 1.7044 for Perl allows Signature Verification Bypass. CVE-2020-16154 Affected Packages: perl-App-cpanminus Note: This advisory is applicable to Amazon Linux 2 (AL2) Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras...

CVSS 7.8 | AI score 7.6 | EPSS 0.00713 | Exploits 1
Amazon
added 2025/03/25 12:0 a.m. | 29 views

Medium: python

Issue Overview: An issue was found in the CPython zipfile module affecting versions 3.12.2, 3.11.8, 3.10.13, 3.9.18, and 3.8.18 and prior. The zipfile module is vulnerable to "quoted-overlap" zip-bombs which exploit the zip format to create a zip-bomb with a high compression ratio. The fixed...

CVSS 7.5 | AI score 7 | EPSS 0.02303 | Exploits 1
Amazon
added 2025/03/25 12:0 a.m. | 31 views

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: smb: client: fix UAF in smb2_reconnect_server CVE-2024-35870 In the Linux kernel, the following vulnerability has been resolved: ext4: fix timer use-after-free on failed mount CVE-2024-49960 In the Linux kernel, the...

CVSS 7.8 | AI score 7.3 | EPSS 0.00809 | Exploits 0
Tenable Nessus
added 2025/03/19 12:0 a.m. | 12 views

Amazon Linux AMI : emacs (ALAS-2025-1964)

The version of emacs installed on the remote host is prior to 24.3-20.26. It is, therefore, affected by a vulnerability as referenced in the ALAS-2025-1964 advisory. A flaw was found in the Emacs text editor. Improper handling of custom man URI schemes allows attackers to execute arbitrary shell...

CVSS 8.8 | AI score 8.1 | EPSS 0.02679 | Exploits 0 | References 4
Tenable Nessus
added 2025/03/19 12:0 a.m. | 17 views

Amazon Linux 2 : kernel (ALASKERNEL-5.15-2025-067)

The version of kernel installed on the remote host is prior to 5.15.178-120.187. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.15-2025-067 advisory. In the Linux kernel, the following vulnerability has been resolved: smb: client: fix UAF in...

CVSS 7.8 | AI score 6.7 | EPSS 0.00275 | Exploits 0 | References 12
Tenable Nessus
added 2025/03/14 12:0 a.m. | 15 views

Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2025-864)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-864 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Bad drive in topology results kernel crash CVE-2023-53037 In the Linux kernel, the following vulnerability has...

CVSS 8.4 | AI score 6.3 | EPSS 0.00398 | Exploits 4 | References 106
Tenable Nessus
added 2025/03/14 12:0 a.m. | 23 views

Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2025-876)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-876 advisory. In the Linux kernel, the following vulnerability has been resolved: iommu: Return right value in iommu_sva_bind_device CVE-2024-40945 In the Linux kernel, the following vulnerability has been...

CVSS 7.8 | AI score 6.6 | EPSS 0.00328 | Exploits 1 | References 76
Tenable Nessus
added 2025/03/14 12:0 a.m. | 16 views

Amazon Linux 2 : kernel, --advisory ALAS2-2024-2696 (ALAS-2024-2696)

The version of kernel installed on the remote host is prior to 4.14.355-271.569. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2696 advisory. In the Linux kernel, the following vulnerability has been resolved: cgroup/cpuset: Prevent UAF in proc_cpuset_show...

CVSS 7.8 | AI score 6.5 | EPSS 0.00879 | Exploits 2 | References 38
Tenable Nessus
added 2025/03/14 12:0 a.m. | 48 views

Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.10-2025-082 (ALASKERNEL-5.10-2025-082)

The version of kernel installed on the remote host is prior to 5.10.234-225.895. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.10-2025-082 advisory. Integer Overflow or Wraparound vulnerability in Linux kernel on x86 and ARM md, raid, raid5 modules allo...

CVSS 7.8 | AI score 6.6 | EPSS 0.00585 | Exploits 1 | References 58
Tenable Nessus
added 2025/03/10 12:0 a.m. | 18 views

Amazon Linux 2 : python-pillow (ALAS-2025-2784)

The version of python-pillow installed on the remote host is prior to 2.0.0-23.gitd1c6db8. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2784 advisory. Buffer overflow in the ImagingLibTiffDecode function in libImaging/TiffDecode.c in Pillow before 3.1.1 allows...

CVSS 6.5 | AI score 6.9 | EPSS 0.0236 | Exploits 0 | References 4
Tenable Nessus
added 2025/03/10 12:0 a.m. | 19 views

Amazon Linux 2 : expat (ALAS-2025-2774)

The version of expat installed on the remote host is prior to 2.1.0-15. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2774 advisory. An issue was discovered in libexpat before 2.6.4. There is a crash within the XML_ResumeParser function because XML_StopParser can...

CVSS 5.9 | AI score 7.1 | EPSS 0.0104 | Exploits 0 | References 4
Tenable Nessus
added 2025/03/10 12:0 a.m. | 28 views

Amazon Linux 2 : kernel, --advisory ALAS2-2025-2777 (ALAS-2025-2777)

The version of kernel installed on the remote host is prior to 4.14.353-270.569. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2777 advisory. In the Linux kernel, the following vulnerability has been resolved: mm: avoid overflows in dirty throttling logic...

CVSS 8.4 | AI score 6.2 | EPSS 0.00398 | Exploits 1 | References 36
Tenable Nessus
added 2025/03/10 12:0 a.m. | 24 views

Amazon Linux 2 : openssl11 (ALAS-2025-2781)

The version of openssl11 installed on the remote host is prior to 1.1.1zb-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2781 advisory. Issue summary: A timing side-channel which could potentially allow recovering the private key exists in the ECDSA signature...

CVSS 4.1 | AI score 6.3 | EPSS 0.00601 | Exploits 0 | References 4
Tenable Nessus
added 2025/03/10 12:0 a.m. | 12 views

Amazon Linux 2 : openjpeg2 (ALAS-2025-2773)

The version of openjpeg2 installed on the remote host is prior to 2.4.0-5. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2773 advisory. openjpeg: heap buffer overflow in bin/common/color.c CVE-2024-56826 openjpeg: heap buffer overflow in lib/openjp2/j2k.c...

CVSS 5.6 | AI score 7.2 | EPSS 0.00309 | Exploits 0 | References 6
Tenable Nessus
added 2025/03/10 12:0 a.m. | 45 views

Amazon Linux 2 : openssh (ALAS-2025-2769)

The version of openssh installed on the remote host is prior to 7.4p1-22. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2769 advisory. A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed ...

CVSS 6.8 | AI score 7 | EPSS 0.06997 | Exploits 4 | References 4
Tenable Nessus
added 2025/03/10 12:0 a.m. | 13 views

Amazon Linux 2 : microcode_ctl (ALAS-2025-2787)

The version of microcode_ctl installed on the remote host is prior to 2.1-47. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2787 advisory. Improper Finite State Machines (FSMs) in Hardware Logic for some Intel(R) Processors may allow privileged user to...

CVSS 6.8 | AI score 5.9 | EPSS 0.00223 | Exploits 0 | References 8