Lucene search
K

14934 matches found

Amazon
Amazon
added 2026/05/15 12:0 a.m.17 views

Medium: libgcrypt

Issue Overview: Libgcrypt before 1.12.2 sometimes allows a heap-based buffer overflow and denial of service via crafted ECDH ciphertext to gcrypkdecrypt. CVE-2026-41989 Affected Packages: libgcrypt Issue Correction: Run dnf update libgcrypt --releasever 2023.11.20260514 or dnf update --advisory...

6.7CVSS6AI score0.0018EPSS
Exploits0
Amazon
Amazon
added 2026/05/15 12:0 a.m.16 views

Medium: perl-Text-CSV_XS

Issue Overview: CSVXS versions before 1.62 for Perl have a use-after-free when registered callbacks extend the Perl argument stack, which may enable type confusion or memory corruption. CVE-2026-7111 Affected Packages: perl-Text-CSVXS Issue Correction: Run dnf update perl-Text-CSVXS --releasever...

8.4CVSS5.8AI score0.00158EPSS
Exploits0
Amazon
Amazon
added 2026/05/15 12:0 a.m.17 views

Medium: curl

Issue Overview: When doing a second SMB request to the same host again, curl would wrongly use a data pointer pointing into already freed memory. CVE-2026-3805 Affected Packages: curl Issue Correction: Run dnf update curl --releasever 2023.11.20260514 or dnf update --advisory ALAS2023-2026-1699...

7.5CVSS7.1AI score0.00715EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2026/05/15 12:0 a.m.8 views

Amazon Linux 2023 : cuda (ALAS2023NVIDIA-2026-279)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023NVIDIA-2026-279 advisory. NVIDIA CUDA Toolkit contains a vulnerability in command cuobjdump where a user may cause an out-of-bound write by passing in a malformed ELF file. A successful exploit of this vulnerability may le...

7.8CVSS5.9AI score0.00233EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/05/15 12:0 a.m.18 views

Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.4-2026-122 (ALASKERNEL-5.4-2026-122)

The version of kernel installed on the remote host is prior to 5.4.302-224.471. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.4-2026-122 advisory. In the Linux kernel, the following vulnerability has been resolved: net: skbuff: propagate shared-frag...

8.8CVSS6.3AI score0.03663EPSS
Exploits18References6
Tenable Nessus
Tenable Nessus
added 2026/05/15 12:0 a.m.23 views

Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.10-2026-119 (ALASKERNEL-5.10-2026-119)

The version of kernel installed on the remote host is prior to 5.10.253-252.1016. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.10-2026-119 advisory. In the Linux kernel, the following vulnerability has been resolved: net: skbuff: propagate shared-frag...

8.8CVSS6.3AI score0.03663EPSS
Exploits18References6
Tenable Nessus
Tenable Nessus
added 2026/05/15 12:0 a.m.32 views

Amazon Linux 2 : kernel, --advisory ALAS2-2026-3307 (ALAS-2026-3307)

The version of kernel installed on the remote host is prior to 4.14.355-282.729. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3307 advisory. In the Linux kernel, the following vulnerability has been resolved: net: skbuff: propagate shared-frag marker...

8.8CVSS6.3AI score0.03663EPSS
Exploits18References6
Amazon
Amazon
added 2026/05/15 12:0 a.m.15 views

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net: skbuff: propagate shared-frag marker through frag-transfer helpers CVE-2026-43503 In the Linux kernel, the following vulnerability has been resolved: net: skbuff: propagate shared-frag marker through pskbcopy...

8.8CVSS5.4AI score0.03663EPSS
Exploits18
Amazon
Amazon
added 2026/05/15 12:0 a.m.8 views

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net: skbuff: propagate shared-frag marker through frag-transfer helpers CVE-2026-43503 In the Linux kernel, the following vulnerability has been resolved: net: skbuff: propagate shared-frag marker through pskbcopy...

8.8CVSS5.4AI score0.03663EPSS
Exploits18
Amazon
Amazon
added 2026/05/15 12:0 a.m.19 views

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net: skbuff: propagate shared-frag marker through frag-transfer helpers CVE-2026-43503 In the Linux kernel, the following vulnerability has been resolved: net: skbuff: propagate shared-frag marker through pskbcopy...

8.8CVSS5.4AI score0.03663EPSS
Exploits18
Amazon
Amazon
added 2026/05/15 12:0 a.m.9 views

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net: skbuff: propagate shared-frag marker through frag-transfer helpers CVE-2026-43503 In the Linux kernel, the following vulnerability has been resolved: net: skbuff: propagate shared-frag marker through pskbcopy...

8.8CVSS5.4AI score0.03663EPSS
Exploits18
Tenable Nessus
Tenable Nessus
added 2026/05/15 12:0 a.m.8 views

Amazon Linux 2023 : cuda-toolkit (ALAS2023NVIDIA-2026-278)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023NVIDIA-2026-278 advisory. NVIDIA CUDA Toolkit contains a vulnerability in command cuobjdump where a user may cause an out-of-bound write by passing in a malformed ELF file. A successful exploit of this vulnerability may le...

7.8CVSS7.2AI score0.00233EPSS
Exploits0References4
Amazon
Amazon
added 2026/05/15 12:0 a.m.13 views

Important: python-pip

Issue Overview: pip prior to version 26.1 would run self-update check functionality after installing wheel files which required importing well-known Python modules names. These module imports were intentionally deferred to increase startup time of the pip CLI. The patch changes self-update...

5.3CVSS5.8AI score0.00138EPSS
Exploits0
Cvelist
Cvelist
added 2026/05/14 7:35 p.m.28 views

CVE-2026-8596 Cleartext storage of HMAC signing key in Amazon SageMaker Python SDK ModelBuilder/Serve path

Cleartext storage of sensitive information in the ModelBuilder/Serve component in Amazon SageMaker Python SDK before v2.257.2 and v3 before v3.8.0 might allow a remote authenticated actor to extract the HMAC signing key from SageMaker API responses and forge valid integrity signatures for special...

8.5CVSS0.00439EPSS
Exploits0References4
NVD
NVD
added 2026/05/14 3:16 p.m.13 views

CVE-2026-44308

Spring Cloud AWS simplifies using AWS managed services in a Spring and Spring Boot applications. From 3.0.0 to 4.0.1, pplications using Spring Cloud AWS SNS HTTP/HTTPS endpoint support @NotificationMessageMapping, @NotificationSubscriptionMapping, @NotificationUnsubscribeConfirmationMapping did n...

6.3CVSS0.00179EPSS
Exploits0References1
Imperva Blog
Imperva Blog
added 2026/05/14 3:0 p.m.11 views

Using Bedrock with Claude Code? Your AWS Credentials Are Shared With Every Subprocess

Many developers today are using Claude Code, with a growing portion running it through Amazon Bedrock. For enterprise teams, Bedrock offers major advantages: keeping data inside a VPC, leveraging AWS credits, and integrating with existing IAM controls, monitoring, and security policies. Bedrock...

5.9AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/05/14 2:39 p.m.9 views

CVE-2026-44308

Spring Cloud AWS simplifies using AWS managed services in a Spring and Spring Boot applications. From 3.0.0 to 4.0.1, pplications using Spring Cloud AWS SNS HTTP/HTTPS endpoint support @NotificationMessageMapping, @NotificationSubscriptionMapping, @NotificationUnsubscribeConfirmationMapping did n...

6.3CVSS5.8AI score0.00179EPSS
Exploits0References2Affected Software2
vulnersOsv
vulnersOsv
added 2026/05/14 1:9 p.m.8 views

ai.starlake:spark-redshift_2.13 (>=6.5.0 <=6.5.1), ai.starlake:starlake-api_2.13 (>=1.5.8 <=1.5.15) +87 more potentially affected by CVE-2026-8178 via com.amazon.redshift:redshift-jdbc42 (>=2.0.0.3 <=2.2.1)

com.amazon.redshift:redshift-jdbc42 MAVEN version =2.0.0.3, =6.5.0, =1.5.8, =2025.34.3, =0.293, =0.293, =5.0.0, =5.1.0, =1.3.0, =1.19.1891, =0.1.15-alpha, =0.1.15-alpha, =0.1.15-alpha, =3.2.171, =6.0.0-spark3.3, =6.6.0-spark3.5 and more Source cves: CVE-2026-8178 Source advisory:...

9.2CVSS5.8AI score0.00573EPSS
Exploits0
Amazon
Amazon
added 2026/05/14 12:0 a.m.14 views

Important: rclone

Issue Overview: Rclone is a command-line program to sync files and directories to and from different cloud storage providers. The RC endpoint options/set is exposed without AuthRequired: true, but it can mutate global runtime configuration, including the RC option block itself. Starting in versio...

9.8CVSS5.9AI score0.34734EPSS
Exploits3
Amazon
Amazon
added 2026/05/14 12:0 a.m.14 views

Important: thunderbird

Issue Overview: Sandbox escape due to incorrect boundary conditions in the WebRTC: Networking component. This vulnerability was fixed in Firefox ESR 140.10.1. CVE-2026-7321 Memory safety bugs present in Firefox ESR 115.35.0, Firefox ESR 140.10.0, Thunderbird ESR 140.10.0, Firefox 150.0.0 and...

9.6CVSS6.2AI score0.00375EPSS
Exploits0
Rows per page
Query Builder