Lucene search
K

14932 matches found

Tenable Nessus
Tenable Nessus
added 2026/04/30 12:0 a.m.20 views

Amazon Linux 2023 : openssh, openssh-clients, openssh-keycat (ALAS2023-2026-1604)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1604 advisory. In OpenSSH before 10.3, a file downloaded by scp may be installed setuid or setgid, an outcome contrary to some users' expectations, if the download is performed as root with -O legacy scp protocol and...

8.1CVSS5.8AI score0.00419EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/30 12:0 a.m.14 views

Amazon Linux 2 : gstreamer-plugins-good, --advisory ALAS2-2026-3250 (ALAS-2026-3250)

The version of gstreamer-plugins-good installed on the remote host is prior to 0.10.31-20. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3250 advisory. An out-of-bounds read in the WAV parser that can cause crashes for certain input files. CVE-2026-1940 Tenable has...

7.5CVSS7.3AI score0.00225EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/30 12:0 a.m.18 views

Amazon Linux 2 : nerdctl, --advisory ALAS2-2026-3265 (ALAS-2026-3265)

The version of nerdctl installed on the remote host is prior to 2.2.2-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3265 advisory. Arithmetic over induction variables in loops were not correctly checked for underflow or overflow in the Go compiler...

9.8CVSS6.1AI score0.00651EPSS
Exploits0References22
Tenable Nessus
Tenable Nessus
added 2026/04/30 12:0 a.m.7 views

Amazon Linux 2023 : clamav1.5, clamav1.5-data, clamav1.5-devel (ALAS2023-2026-1631)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1631 advisory. A vulnerability in the HTML Cascading Style Sheets CSS module of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device.This vulnerabili...

5.3CVSS5.8AI score0.00414EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/30 12:0 a.m.9 views

Amazon Linux 2 : OpenEXR, --advisory ALAS2-2026-3267 (ALAS-2026-3267)

The version of OpenEXR installed on the remote host is prior to 1.7.1-8. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3267 advisory. OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the...

8.8CVSS5.7AI score0.00482EPSS
Exploits2References6
Tenable Nessus
Tenable Nessus
added 2026/04/30 12:0 a.m.8 views

Amazon Linux 2 : python3-pytest, --advisory ALAS2-2026-3253 (ALAS-2026-3253)

The version of python3-pytest installed on the remote host is prior to 2.9.2-4. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3253 advisory. pytest through 9.0.2 on UNIX relies on directories with the /tmp/pytest-of-user name pattern, which allows local users to...

6.8CVSS5.5AI score0.0014EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/30 12:0 a.m.8 views

Amazon Linux 2023 : compat-libpthread-nonshared, glibc, glibc-all-langpacks (ALAS2023-2026-1622)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1622 advisory. The iconv function in the GNU C Library versions 2.43 and earlier may crash due to an assertion failure when converting inputs from the IBM1390 or IBM1399 character sets, which may be used to remotely...

7.5CVSS5.8AI score0.00357EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2026/04/30 12:0 a.m.14 views

Amazon Linux 2 : docker, --advisory ALAS2NITRO-ENCLAVES-2026-097 (ALASNITRO-ENCLAVES-2026-097)

The version of docker installed on the remote host is prior to 25.0.14-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2NITRO-ENCLAVES-2026-097 advisory. Arithmetic over induction variables in loops were not correctly checked for underflow or overflow in the Go...

9.8CVSS8AI score0.08123EPSS
Exploits1References20
Tenable Nessus
Tenable Nessus
added 2026/04/30 12:0 a.m.15 views

Amazon Linux 2 : openssl-snapsafe, --advisory ALAS2OPENSSL-SNAPSAFE-2026-010 (ALASOPENSSL-SNAPSAFE-2026-010)

The version of openssl-snapsafe installed on the remote host is prior to 1.0.2k-24. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2OPENSSL-SNAPSAFE-2026-010 advisory. NULL Pointer Dereference When Processing a Delta CRL NOTE:...

7.5CVSS5.5AI score0.00885EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/04/30 12:0 a.m.4 views

Amazon Linux 2023 : flatpak, flatpak-devel, flatpak-libs (ALAS2023-2026-1601)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1601 advisory. A complete sandbox escape vulnerability exists in Flatpak before 1.16.4. The Flatpak portal accepts paths in the sandbox-expose options which can be app-controlled symlinks pointing at arbitra...

10CVSS6AI score0.0168EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/04/30 12:0 a.m.7 views

Amazon Linux 2 : thunderbird, --advisory ALAS2-2026-3271 (ALAS-2026-3271)

The version of thunderbird installed on the remote host is prior to 140.9.1-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3271 advisory. Memory safety bugs present in Firefox ESR 115.34.0, Firefox ESR 140.9.0, Thunderbird ESR 140.9.0, Firefox 149.0.1 an...

9.8CVSS6.2AI score0.0035EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/04/30 12:0 a.m.9 views

Amazon Linux 2 : libpng, --advisory ALAS2-2026-3266 (ALAS-2026-3266)

The version of libpng installed on the remote host is prior to 1.5.13-8. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3266 advisory. Use-after-free in pngsetPLTE, pngsettRNS and pngsethIST in libpng before 1.6.57. Passing a pointer returned by the corresponding...

5.1CVSS5.8AI score0.00195EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2026/04/30 12:0 a.m.8 views

Amazon Linux 2 : python-pip, --advisory ALAS2-2026-3256 (ALAS-2026-3256)

It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3256 advisory. When pip is installing and extracting a maliciously crafted wheel archive, files may be extracted outside the installation directory. The path traversal is limited to prefixes of the installation director...

2CVSS5.4AI score0.0039EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2026/04/30 12:0 a.m.10 views

Amazon Linux 2023 : python3-pip, python3-pip-wheel (ALAS2023-2026-1589)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1589 advisory. When pip is installing and extracting a maliciously crafted wheel archive, files may be extracted outside the installation directory. The path traversal is limited to prefixes of the installation...

2CVSS5.8AI score0.0039EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2026/04/30 12:0 a.m.9 views

Amazon Linux 2023 : nodejs20, nodejs20-devel, nodejs20-full-i18n (ALAS2023-2026-1608)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1608 advisory. A flaw was found in zlib. An attacker providing specially crafted input to the crc32combine64 or crc32combinegen64 functions could trigger an infinite loop within the x2nmodp function. This leads to...

5.5CVSS5.8AI score0.00204EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2026/04/30 12:0 a.m.5 views

Amazon Linux 2023 : nodejs22, nodejs22-devel, nodejs22-full-i18n (ALAS2023-2026-1616)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1616 advisory. A flaw was found in zlib. An attacker providing specially crafted input to the crc32combine64 or crc32combinegen64 functions could trigger an infinite loop within the x2nmodp function. This leads to...

5.5CVSS5.8AI score0.00204EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2026/04/30 12:0 a.m.6 views

Amazon Linux 2 : LibRaw, --advisory ALAS2-2026-3258 (ALAS-2026-3258)

The version of LibRaw installed on the remote host is prior to 0.19.4-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3258 advisory. An integer overflow vulnerability exists in the deflatedngloadraw functionality of LibRaw. A specially crafted malicious...

9.8CVSS6.2AI score0.00564EPSS
Exploits2References6
Tenable Nessus
Tenable Nessus
added 2026/04/30 12:0 a.m.9 views

Amazon Linux 2023 : firefox (ALAS2023-2026-1621)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1621 advisory. Memory safety bugs present in Firefox ESR 115.34.0, Firefox ESR 140.9.0, Thunderbird ESR 140.9.0, Firefox 149.0.1 and Thunderbird 149.0.1. Some of these bugs showed evidence of memory corrupti...

9.8CVSS6.1AI score0.0035EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/04/30 12:0 a.m.8 views

Amazon Linux 2 : LibRaw, --advisory ALAS2-2026-3255 (ALAS-2026-3255)

The version of LibRaw installed on the remote host is prior to 0.19.4-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3255 advisory. A heap-based buffer overflow vulnerability exists in the x3fthumbloader functionality of LibRaw Commit d20315b. A speciall...

9.8CVSS6.3AI score0.00746EPSS
Exploits2References6
Tenable Nessus
Tenable Nessus
added 2026/04/30 12:0 a.m.5 views

Amazon Linux 2 : python-jwcrypto, --advisory ALAS2-2026-3254 (ALAS-2026-3254)

The version of python-jwcrypto installed on the remote host is prior to 0.4.2-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3254 advisory. JWCrypto implements JWK, JWS, and JWE specifications using python-cryptography. Prior to 1.5.7, an unauthenticated attacker...

6.8CVSS6.3AI score0.0098EPSS
Exploits2References4
Rows per page
Query Builder