Lucene search
K

538 matches found

Tenable Nessus
Tenable Nessus
added 3 days ago5 views

Amazon Linux 2023 : ecs-init (ALAS2023-2026-1906)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1906 advisory. Denial of Service due to Panic in AWS SDK for Go v2 SDK EventStream Decoder Tenable has extracted the preceding description block directly from the tested product security advisory. Note that Nessus ha...

5.8AI score
Exploits0References2
OPENSUSE Linux
OPENSUSE Linux
added 3 days ago3 views

Security update for amazon-ecs-init (important)

openSUSE security update: security update for amazon-ecs-init ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:21013-1 Rating: important References: bsc1265843 bsc1266652 Cross-References: CVE-2026-33814 CVE-2026-39821 CVSS scores: CVE-2026-33814 SUS...

9.1CVSS7AI score0.00781EPSS
Exploits0References2
Amazon
Amazon
added 4 days ago5 views

Medium: ecs-init

Issue Overview: Denial of Service due to Panic in AWS SDK for Go v2 SDK EventStream Decoder Affected Packages: ecs-init Note: This advisory is applicable to Amazon Linux 2 - Ecs Extra. Visit this page to learn more about Amazon Linux 2 AL2 Extras and this FAQ section for the difference between AL...

5.8AI score
Exploits0
Amazon
Amazon
added 4 days ago5 views

Medium: ecs-init

Issue Overview: Denial of Service due to Panic in AWS SDK for Go v2 SDK EventStream Decoder Affected Packages: ecs-init Issue Correction: Run dnf update ecs-init --releasever 2023.12.20260629 or dnf update --advisory ALAS2023-2026-1906 --releasever 2023.12.20260629 to update your system. More...

5.7AI score
Exploits0
NVD
NVD
added 2026/06/25 2:16 p.m.8 views

CVE-2026-40012

ECS zero scoped answers are stored in the packet cache while they should not. This impacts only configurations that have ECS enabled;...

5.3CVSS0.00305EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/25 12:58 p.m.29 views

CVE-2026-40012 Information about ECS zero scoped answers might leak to clients that use a specific ECS

ECS zero scoped answers are stored in the packet cache while they should not. This impacts only configurations that have ECS enabled;...

5.3CVSS0.00305EPSS
Exploits0References1
OSV
OSV
added 2026/06/22 2:30 p.m.2 views

OPENSUSE-SU-2026:21013-1 Security update for amazon-ecs-init

This update for amazon-ecs-init fixes the following issues Update to version 1.103.2: - CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGSMAXFRAMESIZE bsc1265843. - CVE-2026-39821: golang.org/x/net/idna: failure to reject ASCII-only Punycode-encoded...

9.6CVSS6.9AI score0.00781EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.4 views

Amazon Linux 2 : ecs-service-connect-agent, --advisory ALAS2ECS-2026-126 (ALASECS-2026-126)

The version of ecs-service-connect-agent installed on the remote host is prior to v1.34.13.2-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2ECS-2026-126 advisory. A denial-of-service vulnerability was found in Envoy's HTTP/2 HPACK header compression implementation. A...

7.5CVSS5.9AI score0.00708EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.8 views

Amazon Linux 2023 : ecs-service-connect-agent (ALAS2023-2026-1893)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1893 advisory. A denial-of-service vulnerability was found in Envoy's HTTP/2 HPACK header compression implementation. A remote attacker could send a specially crafted HTTP/2 request that triggers disproportionately...

7.5CVSS6.1AI score0.00708EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/08 12:0 a.m.10 views

Amazon Linux 2 : ecs-init, --advisory ALAS2ECS-2026-120 (ALASECS-2026-120)

The version of ecs-init installed on the remote host is prior to 1.103.2-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2ECS-2026-120 advisory. When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory an...

7.5CVSS5.9AI score0.00813EPSS
Exploits0References16
RedhatCVE
RedhatCVE
added 2026/06/05 7:25 p.m.12 views

CVE-2026-26946

Dell ECS versions 3.8.1.0 through 3.8.1.7 and Dell ObjectScale versions prior to 4.3.0.0, contains an improper privilege management vulnerability in the OS. A high privileged attacker with local access could potentially exploit this vulnerability, leading to elevation of privileges...

6.7CVSS5.4AI score0.00104EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:14 p.m.9 views

CVE-2026-40636

Dell ECS versions 3.8.1.0 through 3.8.1.7 and Dell ObjectScale versions prior to 4.3.0.0, contains a use of hard-coded credentials vulnerability. An unauthenticated attacker with local access could potentially exploit this vulnerability, leading to filesystem access for attacker...

9.8CVSS5.5AI score0.00223EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/04 1:13 p.m.20 views

CVE-2026-8037 OS Command Injection Remote Code Execution Vulnerability in Progress LoadMaster, ECS Connection Manager, Object Scale Connection Manager & MOVEit WAF

OS Command Injection Remote Code Execution Vulnerability in API in Progress ADC Products allows an un-authenticated attacker to execute arbitrary commands on the LoadMaster appliance by exploiting unsanitized input in multiple command endpoints...

9.6CVSS8AI score0.29641EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.6 views

Progress Software多款产品 命令注入漏洞

Progress Software MOVEit is a product of the American company Progress Software. Progress Software MOVEit is a secure file transfer software. Progress Software LoadMaster is a series of application delivery controllers and load balancing products. Progress Software ECS Connections Manager is a...

9.6CVSS8.1AI score0.29641EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2026/06/01 12:0 a.m.9 views

MiracleLinux 8 : dnsmasq-2.79-36.el8_10 (AXSA:2026-741:05)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-741:05 advisory. dnsmasq: dnsmasq: heap buffer overflow in cache via NAMEESCAPE expansion CVE-2026-2291 dnsmasq: NSEC bitmap parsing infinite loop CVE-2026-4890...

8.8CVSS6AI score0.06662EPSS
Exploits3References6
Rockylinux
Rockylinux
added 2026/05/29 4:3 p.m.19 views

dnsmasq security update

An update is available for dnsmasq. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The dnsmasq packages contain Dnsmasq, a lightweight DNS Domain Name Server...

8.8CVSS6AI score0.06662EPSS
Exploits4
OSV
OSV
added 2026/05/29 12:0 a.m.9 views

RLSA-2026:20589 Important: dnsmasq security update

The dnsmasq packages contain Dnsmasq, a lightweight DNS Domain Name Server forwarder and DHCP Dynamic Host Configuration Protocol server. Security Fixes: dnsmasq: dnsmasq: heap buffer overflow in cache via NAMEESCAPE expansion CVE-2026-2291 dnsmasq: NSEC bitmap parsing infinite loop CVE-2026-4890...

8.8CVSS6AI score0.06662EPSS
Exploits3References6
Rockylinux
Rockylinux
added 2026/05/29 12:0 a.m.22 views

dnsmasq security update

An update is available for dnsmasq. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The dnsmasq packages contain Dnsmasq, a lightweight DNS Domain Name Server...

8.8CVSS6AI score0.06662EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2026/05/29 12:0 a.m.41 views

RockyLinux 9 : dnsmasq (RLSA-2026:19373)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:19373 advisory. dnsmasq: dnsmasq: heap buffer overflow in cache via NAMEESCAPE expansion CVE-2026-2291 dnsmasq: NSEC bitmap parsing infinite loop CVE-2026-4890 dnsmasq:...

8.8CVSS6AI score0.06662EPSS
Exploits3References11
Tenable Nessus
Tenable Nessus
added 2026/05/29 12:0 a.m.24 views

RockyLinux 8 : dnsmasq (RLSA-2026:20589)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:20589 advisory. dnsmasq: dnsmasq: heap buffer overflow in cache via NAMEESCAPE expansion CVE-2026-2291 dnsmasq: NSEC bitmap parsing infinite loop CVE-2026-4890 dnsmasq:...

8.8CVSS6AI score0.06662EPSS
Exploits3References11
Rows per page
Query Builder