9382 matches found
Amazon Linux 2 : microcode_ctl (ALAS-2025-2787)
The version of microcodectl installed on the remote host is prior to 2.1-47. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2787 advisory. Improper Finite State Machines FSMs in Hardware Logic for some IntelR Processors may allow privileged user to...
Amazon Linux 2 : emacs (ALAS-2025-2770)
The version of emacs installed on the remote host is prior to 27.2-4. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2770 advisory. A flaw was found in the Emacs text editor. Improper handling of custom man URI schemes allows attackers to execute arbitrary shell...
Amazon Linux 2 : libglvnd (ALAS-2025-2782)
The version of libglvnd installed on the remote host is prior to 1.0.1-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2782 advisory. libglxproto.c in OpenGL libglvnd bb06db5a was discovered to contain a segmentation violation via the function glXGetDrawableScreen...
Amazon Linux 2 : kernel, --advisory ALAS2-2025-2778 (ALAS-2025-2778)
The version of kernel installed on the remote host is prior to 4.14.352-267.564. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2778 advisory. In the Linux kernel, the following vulnerability has been resolved: net: relax socket state check at accept time...
Amazon Linux 2023 : aws-kinesis-agent (ALAS2023-2025-889)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-889 advisory. In FasterXML jackson-databind before 2.13.4, resource exhaustion can occur because of a lack of a check in BeanDeserializer.deserializeFromArray to prevent use of deeply nested arrays. An application is...
Amazon Linux AMI : kernel (ALAS-2025-1962)
The version of kernel installed on the remote host is prior to 4.14.353-190.569. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2025-1962 advisory. In the Linux kernel, the following vulnerability has been resolved: tipc: Return non-zero value from tipcudpaddr2st...
Amazon Linux 2023 : microcode_ctl (ALAS2023-2025-888)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-888 advisory. Improper Finite State Machines FSMs in Hardware Logic for some IntelR Processors may allow privileged user to potentially enable denial of service via local access. CVE-2024-31068 Sequence of...
Amazon Linux AMI : kernel (ALAS-2025-1961)
The version of kernel installed on the remote host is prior to 4.14.355-194.598. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2025-1961 advisory. In the Linux kernel, the following vulnerability has been resolved: tipc: guard against string buffer overrun...
Amazon Linux 2023 : ecs-init (ALAS2023-2025-886)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-886 advisory. runc is a CLI tool for spawning and running containers according to the OCI specification. runc 1.1.13 and earlier, as well as 1.2.0-rc2 and earlier, can be tricked into creating empty files or...
Amazon Linux AMI : kernel (ALAS-2025-1963)
The version of kernel installed on the remote host is prior to 4.14.352-190.569. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2025-1963 advisory. In the Linux kernel, the following vulnerability has been resolved: bonding: Fix out-of-bounds read in...
Important: kernel-livepatch-4.14.355-275.572
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: tipc: guard against string buffer overrun CVE-2024-49995 In the Linux kernel, the following vulnerability has been resolved: dm cache: fix out-of-bounds access to the dirty bitset when resizing CVE-2024-50279...
Medium: libglvnd
Issue Overview: libglxproto.c in OpenGL libglvnd bb06db5a was discovered to contain a segmentation violation via the function glXGetDrawableScreen. NOTE: this is disputed because there are no common situations in which users require uninterrupted operation with an attacker-controller server...
Medium: openjpeg2
Issue Overview: openjpeg: heap buffer overflow in bin/common/color.c CVE-2024-56826 openjpeg: heap buffer overflow in lib/openjp2/j2k.c CVE-2024-56827 Affected Packages: openjpeg2 Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference...
Medium: openjpeg2
Issue Overview: openjpeg: heap buffer overflow in bin/common/color.c CVE-2024-56826 openjpeg: heap buffer overflow in lib/openjp2/j2k.c CVE-2024-56827 Affected Packages: openjpeg2 Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference...
Important: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: nbd: fix uaf in nbdopen CVE-2023-52837 Affected Packages: kernel Note: This advisory is applicable to Amazon Linux 2 - Kernel-5.15 Extra. Visit this page to learn more about Amazon Linux 2 AL2 Extras and this FAQ...
Important: postgresql
Issue Overview: Improper neutralization of quoting syntax in PostgreSQL libpq functions PQescapeLiteral, PQescapeIdentifier, PQescapeString, and PQescapeStringConn allows a database input provider to achieve SQL injection in certain usage patterns. Specifically, SQL injection requires the...
Important: python-jinja2
Issue Overview: Jinja is an extensible templating engine. Prior to 3.1.6, an oversight in how the Jinja sandboxed environment interacts with the |attr filter allows an attacker that controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker need...
Important: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: smb: client: fix UAF in smb2reconnectserver CVE-2024-35870 In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free of signing key CVE-2024-53179 In the Linux kernel, the...
Medium: jsoup
Issue Overview: jsoup is a Java library for working with HTML. Those using jsoup versions prior to 1.14.2 to parse untrusted HTML or XML may be vulnerable to DOS attacks. If the parser is run on user supplied input, an attacker may supply content that causes the parser to get stuck loop...
Low: docker
Issue Overview: golang-jwt is a Go implementation of JSON Web Tokens. Unclear documentation of the error behavior in ParseWithClaims can lead to situation where users are potentially not checking errors in the way they should be. Especially, if a token is both expired and invalid, the errors...