CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Tenable Nessus•added 2026/02/19 12:0 a.m.•7 views

Amazon Linux 2023 : firefox (ALAS2023-2026-1424)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1424 advisory. In libexpat before 2.7.4, the doContent function does not properly determine the buffer size bufSize because there is no integer overflow check for tag buffer reallocation. CVE-2026-25210 Tenable has...

7.8CVSS6.2AI score0.00193EPSS

Tenable Nessus•added 2026/02/19 12:0 a.m.•8 views

Amazon Linux 2023 : python3.13-virtualenv (ALAS2023-2026-1428)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1428 advisory. virtualenv is a tool for creating isolated virtual python environments. Prior to version 20.36.1, TOCTOU Time-of-Check-Time-of-Use vulnerabilities in virtualenv allow local attackers to perform...

4.5CVSS5.7AI score0.00085EPSS

Tenable Nessus•added 2026/02/19 12:0 a.m.•4 views

Amazon Linux 2023 : vsftpd (ALAS2023-2026-1432)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1432 advisory. A flaw was found in vsftpd. This vulnerability allows a denial of service DoS via an integer overflow in the ls command parameter parsing, triggered by a remote, authenticated attacker sending a crafte...

6.5CVSS5.5AI score0.00737EPSS

Tenable Nessus•added 2026/02/19 12:0 a.m.•9 views

Amazon Linux 2023 : firefox (ALAS2023-2026-1435)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1435 advisory. HarfBuzz is a text shaping engine. Prior to version 12.3.0, a null pointer dereference vulnerability exists in the SubtableUnicodesCache::create function located in src/hb-ot-cmap-table.hh. Th...

7.8CVSS6AI score0.00377EPSS

Exploits6References8

Tenable Nessus•added 2026/02/19 12:0 a.m.•5 views

Amazon Linux 2 : runc, --advisory ALAS2NITRO-ENCLAVES-2026-089 (ALASNITRO-ENCLAVES-2026-089)

The version of runc installed on the remote host is prior to 1.3.4-2. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2NITRO-ENCLAVES-2026-089 advisory. net/http: memory exhaustion in Request.ParseForm CVE-2025-61726 archive/zip: denial of service when parsing...

10CVSS7.8AI score0.00765EPSS

Exploits2References10

Tenable Nessus•added 2026/02/19 12:0 a.m.•2 views

Amazon Linux 2 : oci-add-hooks, --advisory ALAS2NITRO-ENCLAVES-2026-091 (ALASNITRO-ENCLAVES-2026-091)

The version of oci-add-hooks installed on the remote host is prior to 0-0.7.20200504git325a340. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2NITRO-ENCLAVES-2026-091 advisory. net/http: memory exhaustion in Request.ParseForm CVE-2025-61726 archive/zip: denial of...

10CVSS5.9AI score0.00765EPSS

Exploits2References10

Tenable Nessus•added 2026/02/19 12:0 a.m.•5 views

Amazon Linux 2023 : libsoup, libsoup-devel (ALAS2023-2026-1439)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1439 advisory. A flaw was found in libsoup. The libsoup appendparamquoted function may contain an overflow bug resulting in a buffer under-read. CVE-2025-32050 A flaw was found in libsoup. A vulnerability in...

6.5CVSS5.9AI score0.0061EPSS

Exploits0References12

Tenable Nessus•added 2026/02/19 12:0 a.m.•8 views

Amazon Linux 2 : nginx, --advisory ALAS2NGINX1-2026-010 (ALASNGINX1-2026-010)

The version of nginx installed on the remote host is prior to 1.28.2-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2NGINX1-2026-010 advisory. A vulnerability exists in NGINX OSS and NGINX Plus when configured to proxy to upstream Transport Layer Security TLS servers. A...

8.2CVSS5.8AI score0.00339EPSS

Tenable Nessus•added 2026/02/19 12:0 a.m.•6 views

Amazon Linux 2023 : libpng, libpng-devel, libpng-static (ALAS2023-2026-1440)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1440 advisory. Buffer Overflow vulnerability in libpng 1.6.43-1.6.46 allows a local attacker to cause a denial of service via the pngimage with AddressSanitizer ASan, the program leaks memory in various...

5.5CVSS5.6AI score0.00139EPSS

Exploits2References6

Amazon•added 2026/02/19 12:0 a.m.•6 views

Medium: docker

10CVSS6AI score0.00765EPSS

Amazon•added 2026/02/19 12:0 a.m.•11 views

Medium: containerd

10CVSS6AI score0.00765EPSS

Amazon•added 2026/02/19 12:0 a.m.•8 views

Medium: soci-snapshotter

Amazon•added 2026/02/19 12:0 a.m.•7 views

Medium: amazon-ecr-credential-helper

Amazon•added 2026/02/19 12:0 a.m.•8 views

Important: runc

Issue Overview: cmd/go: bypass of flag sanitization can lead to arbitrary code execution CVE-2025-61731 cmd/go: unexpected code execution when invoking toolchain CVE-2025-68119 Affected Packages: runc Note: This advisory is applicable to Amazon Linux 2 - Nitro-enclaves Extra. Visit this page to...

7.8CVSS6.4AI score0.00359EPSS

Exploits0

Amazon•added 2026/02/19 12:0 a.m.•10 views

Medium: docker

Amazon•added 2026/02/19 12:0 a.m.•10 views

Medium: containerd