14928 matches found
Dirty-Frag-Kubernetes-PoC
Dirty Frag CVE-2026-43284 — Kubernetes Container Escape PoC...
Magnitude Simba Amazon Redshift JDBC Driver 安全漏洞
The Magnitude Simba Amazon Redshift JDBC Driver is a JDBC driver provided by the American company Magnitude. It enables database connection through the standard JDBC Application Programming Interface API available in the Java Platform Enterprise Edition. Versions of the Magnitude Simba Amazon...
CLSA-2026-1778163112 Update of cups
Merge of the Amazon Linux 2 cups package cups-1.6.3-51.amzn2.0.9...
GHSA-GR3R-CRP5-QRRM Compromised tag of intercom-php published via GitHub
Impact On April 30, 2026, a malicious commit was pushed to the intercom/intercom-php repository and tagged as version 5.0.2, using a compromised service account github-management-service. This occurred as part of the same supply chain attack that affected intercom-client on npm. The malicious...
CLSA-2026-1778166697 Update of cups
Merge of the Amazon Linux 2 cups package cups-1.6.3-51.amzn2.0.9...
CLSA-2026-1778166693 Update of cups
Merge of the Amazon Linux 2 cups package cups-1.6.3-51.amzn2.0.9...
Amazon ECS Container Agent (Windows) is vulnerable to Information Disclosure
Summary Amazon Elastic Container Service Amazon ECS is a fully managed container orchestration service that enables customers to deploy, manage, and scale containerized applications. An issue exists where, under certain circumstances, improper input validation in the FSx Windows File Server volum...
Spring Cloud AWS missing SNS message signature verification allows spoofing of HTTP/HTTPS endpoint notifications
Impact Applications using Spring Cloud AWS SNS HTTP/HTTPS endpoint support @NotificationMessageMapping, @NotificationSubscriptionMapping, @NotificationUnsubscribeConfirmationMapping did not verify the signature of incoming SNS messages. An unauthenticated attacker who knows the endpoint URL could...
GHSA-FPJQ-C37H-CQCV vulnerabilities
Vulnerabilities for packages: kyverno, kyverno-notation-aws, kyverno-fips, kyverno-notation-aws-fips...
CVE-2026-41506 vulnerabilities
Vulnerabilities for packages: argo-events, zot, guac, argo-workflows-fips, google-osconfig-agent, pulumi-language-dotnet, kaniko, goreleaser, trivy-operator, trivy-fips, kyverno-fips, commercial-chainloop-cli, syft-fips, zarf, gitaly-fips, mapotf, skaffold-fips, external-secrets-operator-fips,...
OPENSUSE-SU-2026:10699-1 amazon-cloudwatch-agent-1.300066.1-1.1 on GA media
These are all security issues fixed in the amazon-cloudwatch-agent-1.300066.1-1.1 package on the GA media of openSUSE Tumbleweed...
PT-2026-38516
These are all security issues fixed in the amazon-cloudwatch-agent-1.300066.1-1.1 package on the GA media of openSUSE Tumbleweed...
FireFighter has unauthenticated SSRF in its Raid jira_bot endpoint that allows IAM credential theft
Impact The POST /api/v2/firefighter/raid/jirabot endpoint CreateJiraBotView is reachable without authentication permissionclasses = permissions.AllowAny. Its attachments payload is fetched server-side via httpx.get with no URL validation, then uploaded as an attachment on the Jira ticket that get...
EUVD-2026-27149
Improper privilege management in the log rotation mechanism of the Skylight Workspace Config Service in Amazon WorkSpaces for Windows before 2.6.2034.0 allows a local non-admin authenticated user to place arbitrary files into arbitrary locations bypassing file system permission protections, leadi...
Amazon Linux 2023 : ecs-service-connect-agent (ALAS2023-2026-1664)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1664 advisory. Envoy is a cloud-native high-performance edge/middle/service proxy. Envoy's 1.31 is using oghttp as the default HTTP/2 codec, and there are potential bugs around stream management in the codec. To...
Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.10-2026-116 (ALASKERNEL-5.10-2026-116)
The version of kernel installed on the remote host is prior to 5.10.252-250.1016. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.10-2026-116 advisory. In the Linux kernel, the following vulnerability has been resolved:crypto: algifaead - Revert to...
Important: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: crypto: algifaead - Revert to operating out-of-place To mitigate this issue, we recommend that customers disable loading of the algifaead module by running the following commands as an administrator user: echo...
Important: kernel-livepatch-6.18.15-14.217
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: crypto: algifaead - Revert to operating out-of-place To mitigate this issue, we recommend that customers disable loading of the algifaead module by running the following commands: echo "install algifaead /bin/fals...
Important: kernel6.18
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: crypto: algifaead - Revert to operating out-of-place To mitigate this issue, we recommend that customers disable loading of the algifaead module by running the following commands as an administrator user: echo...
Important: kernel-livepatch-6.12.80-105.147
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: crypto: algifaead - Revert to operating out-of-place To mitigate this issue, we recommend that customers disable loading of the algifaead module by running the following commands: echo "install algifaead /bin/fals...