Lucene search
K

9382 matches found

Tenable Nessus
Tenable Nessus
added 2025/02/05 12:0 a.m.9 views

Amazon Linux 2023 : openjpeg2, openjpeg2-devel, openjpeg2-tools (ALAS2023-2025-830)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-830 advisory. openjpeg: heap buffer overflow in bin/common/color.c CVE-2024-56826 Tenable has extracted the preceding description block directly from the tested product security advisory. Note that Nessus has not...

5.6CVSS7AI score0.00309EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/02/05 12:0 a.m.69 views

Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2025-823)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-823 advisory. In the Linux kernel, the following vulnerability has been resolved: gpiolib: cdev: Fix use after free in lineinfochangednotify CVE-2024-36899 In the Linux kernel, the following vulnerability ha...

7.8CVSS6.2AI score0.0028EPSS
Exploits2References72
Tenable Nessus
Tenable Nessus
added 2025/02/05 12:0 a.m.20 views

Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2025-836)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-836 advisory. In the Linux kernel, the following vulnerability has been resolved: net: sched: schmultiq: fix possible OOB write in multiqtune CVE-2024-36978 In the Linux kernel, the following vulnerability h...

7.8CVSS6.3AI score0.00302EPSS
Exploits0References78
Tenable Nessus
Tenable Nessus
added 2025/02/05 12:0 a.m.14 views

Amazon Linux 2023 : java-11-amazon-corretto, java-11-amazon-corretto-devel, java-11-amazon-corretto-headless (ALAS2023-2025-826)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-826 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE:...

4.8CVSS6.5AI score0.00971EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/02/05 12:0 a.m.20 views

Amazon Linux 2023 : java-21-amazon-corretto, java-21-amazon-corretto-devel, java-21-amazon-corretto-headless (ALAS2023-2025-827)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-827 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE:...

4.8CVSS6.5AI score0.00971EPSS
Exploits0References4
Amazon
Amazon
added 2025/02/04 12:0 a.m.4 views

Important: bind

Issue Overview: It is possible to construct a zone such that some queries to it will generate responses containing numerous records in the Additional section. An attacker sending many such queries can cause either the authoritative server itself or an independent resolver to use disproportionate...

7.5CVSS6.9AI score0.16182EPSS
Exploits0
Amazon
Amazon
added 2025/02/04 12:0 a.m.7 views

Medium: java-11-amazon-corretto

Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u431-perf, 11.0.25, 17.0.13, 21.0.5, 23.0.1; Oracle GraalVM for JDK: 17.0.13,...

4.8CVSS5.6AI score0.00971EPSS
Exploits0
Amazon
Amazon
added 2025/02/04 12:0 a.m.16 views

Medium: java-17-amazon-corretto

Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u431-perf, 11.0.25, 17.0.13, 21.0.5, 23.0.1; Oracle GraalVM for JDK: 17.0.13,...

4.8CVSS5AI score0.00971EPSS
Exploits0
Amazon
Amazon
added 2025/02/04 12:0 a.m.27 views

Important: bind

Issue Overview: It is possible to construct a zone such that some queries to it will generate responses containing numerous records in the Additional section. An attacker sending many such queries can cause either the authoritative server itself or an independent resolver to use disproportionate...

7.5CVSS8AI score0.16182EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/02/04 12:0 a.m.21 views

Amazon Linux 2 : kernel (ALAS-2025-2745)

The version of kernel installed on the remote host is prior to 4.14.355-275.582. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2745 advisory. In the Linux kernel, the following vulnerability has been resolved: net/ipv6: avoid possible UAF in...

7.8CVSS6.5AI score0.00286EPSS
Exploits0References16
Tenable Nessus
Tenable Nessus
added 2025/02/04 12:0 a.m.22 views

Amazon Linux 2 : bind (ALAS-2025-2751)

The version of bind installed on the remote host is prior to 9.11.4-26.P2. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2751 advisory. It is possible to construct a zone such that some queries to it will generate responses containing numerous records in t...

7.5CVSS7.1AI score0.16182EPSS
Exploits0References6
Amazon
Amazon
added 2025/02/04 12:0 a.m.18 views

Important: gstreamer1

Issue Overview: GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in the function qtdemuxparsetheoraextension within qtdemux.c. The vulnerability occurs due to an underflow of the gint size variable, which causes size to hold a lar...

9.8CVSS9.7AI score0.01344EPSS
Exploits0
Amazon
Amazon
added 2025/02/04 12:0 a.m.10 views

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net/ipv6: avoid possible UAF in ip6routempathnotify CVE-2024-26852 In the Linux kernel, the following vulnerability has been resolved: ext4: avoid OOB when system.data xattr changes underneath the filesystem...

7.8CVSS6.5AI score0.00286EPSS
Exploits0
Amazon
Amazon
added 2025/02/04 12:0 a.m.14 views

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net/ipv6: avoid possible UAF in ip6routempathnotify CVE-2024-26852 In the Linux kernel, the following vulnerability has been resolved: ext4: avoid OOB when system.data xattr changes underneath the filesystem...

7.8CVSS7.4AI score0.00286EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/02/04 12:0 a.m.17 views

Amazon Linux 2 : kernel (ALASKERNEL-5.10-2025-081)

The version of kernel installed on the remote host is prior to 5.10.233-224.894. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.10-2025-081 advisory. Placeholder CVE. Details forthcoming CVE-2024-10929 In the Linux kernel, the following vulnerability has...

7.8CVSS6.4AI score0.00268EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2025/02/04 12:0 a.m.8 views

Amazon Linux 2 : java-17-amazon-corretto (ALAS-2025-2740)

The version of java-17-amazon-corretto installed on the remote host is prior to 17.0.14+7-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2740 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracl...

4.8CVSS6.6AI score0.00971EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/02/04 12:0 a.m.12 views

Amazon Linux 2 : java-11-amazon-corretto (ALAS-2025-2741)

The version of java-11-amazon-corretto installed on the remote host is prior to 11.0.26+4-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2741 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracl...

4.8CVSS6.6AI score0.00971EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/02/04 12:0 a.m.11 views

Amazon Linux 2 : gstreamer1 (ALAS-2025-2746)

The version of gstreamer1 installed on the remote host is prior to 1.18.4-4. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2746 advisory. GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in the...

9.8CVSS8.2AI score0.01344EPSS
Exploits0References4
Amazon
Amazon
added 2025/02/04 12:0 a.m.2 views

Medium: edk2

Issue Overview: Issue summary: A timing side-channel which could potentially allow recovering the private key exists in the ECDSA signature computation. Impact summary: A timing side-channel in ECDSA signature computations could allow recovering the private key by an attacker. However, measuring...

4.1CVSS6.2AI score0.00601EPSS
Exploits0
Amazon
Amazon
added 2025/02/04 12:0 a.m.27 views

Medium: edk2

Issue Overview: Issue summary: A timing side-channel which could potentially allow recovering the private key exists in the ECDSA signature computation. Impact summary: A timing side-channel in ECDSA signature computations could allow recovering the private key by an attacker. However, measuring...

4.1CVSS4.6AI score0.00601EPSS
Exploits0
Rows per page
Query Builder