Lucene search
+L

81 matches found

Tenable Nessus
Tenable Nessus
added 2026/05/14 12:0 a.m.7 views

Amazon Linux 2 : oci-add-hooks, --advisory ALAS2ECS-2026-112 (ALASECS-2026-112)

The version of oci-add-hooks installed on the remote host is prior to 0-0.9.20200504git325a340. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2ECS-2026-112 advisory. Arithmetic over induction variables in loops were not correctly checked for underflow or overflow...

9.8CVSS7.5AI score0.00621EPSS
Exploits0References18
Tenable Nessus
Tenable Nessus
added 2026/05/14 12:0 a.m.16 views

Amazon Linux 2 : docker, --advisory ALAS2ECS-2026-108 (ALASECS-2026-108)

The version of docker installed on the remote host is prior to 25.0.14-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2ECS-2026-108 advisory. Arithmetic over induction variables in loops were not correctly checked for underflow or overflow in the Go compiler...

9.8CVSS7.3AI score0.08123EPSS
Exploits1References20
RedHat Linux
RedHat Linux
added 2026/05/11 6:39 p.m.9 views

golang: cmd/compile: possible memory corruption after bound check elimination

A flaw was found in the cmd/compile package in the Go standard library. The compiler fails to correctly check for integer overflow or underflow in arithmetic operations involving loop induction variables. As a result, the compiler allows invalid memory indexing to occur at runtime, potentially...

9.8CVSS5.8AI score0.00536EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2026/05/11 6:39 p.m.10 views

golang: cmd/compile: no-op interface conversion bypasses overlap checking

A flaw was found in the cmd/compile package in the Go standard library. A no-op interface conversion prevented the compiler from correctly identifying non-overlapping memory moves. As a result, the compiler allows unsafe memory move operations to occur at runtime, potentially causing data...

7.1CVSS5.8AI score0.00261EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2026/05/11 4:23 p.m.9 views

golang: cmd/compile: possible memory corruption after bound check elimination

A flaw was found in the cmd/compile package in the Go standard library. The compiler fails to correctly check for integer overflow or underflow in arithmetic operations involving loop induction variables. As a result, the compiler allows invalid memory indexing to occur at runtime, potentially...

9.8CVSS5.8AI score0.00536EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2026/05/11 4:23 p.m.8 views

cmd/go: golang: Go (golang) and cmd/go: Arbitrary Code Execution via malicious SWIG file names

A flaw was found in the Go programming language golang and its command-line tool cmd/go. A remote attacker could exploit this during the build process by crafting malicious SWIG Simplified Wrapper and Interface Generator file names that contain "cgo" and specific payloads. This could lead to code...

9CVSS6AI score0.00658EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2026/05/11 4:23 p.m.9 views

golang: cmd/compile: no-op interface conversion bypasses overlap checking

A flaw was found in the cmd/compile package in the Go standard library. A no-op interface conversion prevented the compiler from correctly identifying non-overlapping memory moves. As a result, the compiler allows unsafe memory move operations to occur at runtime, potentially causing data...

7.1CVSS5.8AI score0.00261EPSS
Exploits0References8
Amazon
Amazon
added 2026/04/30 12:0 a.m.10 views

Medium: credentials-fetcher

Issue Overview: Arithmetic over induction variables in loops were not correctly checked for underflow or overflow in the Go compiler cmd/compile. As a result, the compiler would allow for invalid indexing to occur at runtime, potentially leading to memory corruption in programs compiled with...

9.8CVSS5.7AI score0.00621EPSS
Exploits0
Amazon
Amazon
added 2026/04/30 12:0 a.m.10 views

Important: nerdctl

Issue Overview: Arithmetic over induction variables in loops were not correctly checked for underflow or overflow in the Go compiler cmd/compile. As a result, the compiler would allow for invalid indexing to occur at runtime, potentially leading to memory corruption in programs compiled with...

9.8CVSS6.6AI score0.00651EPSS
Exploits0
Amazon
Amazon
added 2026/04/30 12:0 a.m.22 views

Important: containerd

Issue Overview: Arithmetic over induction variables in loops were not correctly checked for underflow or overflow in the Go compiler cmd/compile. As a result, the compiler would allow for invalid indexing to occur at runtime, potentially leading to memory corruption in programs compiled with...

9.8CVSS7.1AI score0.00651EPSS
Exploits0
Amazon
Amazon
added 2026/04/30 12:0 a.m.11 views

Important: golang

Issue Overview: SWIG file names containing 'cgo' and well-crafted payloads could lead to code smuggling and arbitrary code execution at build time in the Go toolchain cmd/go due to trust layer bypass. CVE-2026-27140 Arithmetic over induction variables in loops were not correctly checked for...

9.8CVSS6.7AI score0.00658EPSS
Exploits0
Amazon
Amazon
added 2026/04/30 12:0 a.m.11 views

Important: nerdctl

Issue Overview: Arithmetic over induction variables in loops were not correctly checked for underflow or overflow in the Go compiler cmd/compile. As a result, the compiler would allow for invalid indexing to occur at runtime, potentially leading to memory corruption in programs compiled with...

9.8CVSS6AI score0.00651EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/04/30 12:0 a.m.11 views

Amazon Linux 2 : containerd, --advisory ALAS2DOCKER-2026-112 (ALASDOCKER-2026-112)

The version of containerd installed on the remote host is prior to 2.1.7-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2DOCKER-2026-112 advisory. Arithmetic over induction variables in loops were not correctly checked for underflow or overflow in the Go compil...

9.8CVSS6.8AI score0.00651EPSS
Exploits0References22
Tenable Nessus
Tenable Nessus
added 2026/04/30 12:0 a.m.23 views

Amazon Linux 2 : nerdctl, --advisory ALAS2-2026-3265 (ALAS-2026-3265)

The version of nerdctl installed on the remote host is prior to 2.2.2-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3265 advisory. Arithmetic over induction variables in loops were not correctly checked for underflow or overflow in the Go compiler...

9.8CVSS6.1AI score0.00651EPSS
Exploits0References22
Tenable Nessus
Tenable Nessus
added 2026/04/30 12:0 a.m.21 views

Amazon Linux 2023 : docker (ALAS2023-2026-1615)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1615 advisory. Arithmetic over induction variables in loops were not correctly checked for underflow or overflow in the Go compiler cmd/compile. As a result, the compiler would allow for invalid indexing to...

9.8CVSS7.3AI score0.08123EPSS
Exploits1References20
Tenable Nessus
Tenable Nessus
added 2026/04/30 12:0 a.m.12 views

Amazon Linux 2023 : credentials-fetcher (ALAS2023-2026-1598)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1598 advisory. Arithmetic over induction variables in loops were not correctly checked for underflow or overflow in the Go compiler cmd/compile. As a result, the compiler would allow for invalid indexing to...

9.8CVSS6AI score0.00621EPSS
Exploits0References18
Tenable Nessus
Tenable Nessus
added 2026/04/30 12:0 a.m.16 views

Amazon Linux 2023 : golist (ALAS2023-2026-1599)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1599 advisory. Arithmetic over induction variables in loops were not correctly checked for underflow or overflow in the Go compiler cmd/compile. As a result, the compiler would allow for invalid indexing to...

9.8CVSS6.1AI score0.00621EPSS
Exploits0References18
Tenable Nessus
Tenable Nessus
added 2026/04/30 12:0 a.m.11 views

Amazon Linux 2023 : nerdctl (ALAS2023-2026-1605)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1605 advisory. Arithmetic over induction variables in loops were not correctly checked for underflow or overflow in the Go compiler cmd/compile. As a result, the compiler would allow for invalid indexing to...

9.8CVSS6AI score0.00651EPSS
Exploits0References22
Tenable Nessus
Tenable Nessus
added 2026/04/30 12:0 a.m.21 views

Amazon Linux 2 : docker, --advisory ALAS2NITRO-ENCLAVES-2026-097 (ALASNITRO-ENCLAVES-2026-097)

The version of docker installed on the remote host is prior to 25.0.14-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2NITRO-ENCLAVES-2026-097 advisory. Arithmetic over induction variables in loops were not correctly checked for underflow or overflow in the Go...

9.8CVSS8AI score0.08123EPSS
Exploits1References20
Tenable Nessus
Tenable Nessus
added 2026/04/30 12:0 a.m.16 views

Amazon Linux 2 : golist, --advisory ALAS2-2026-3260 (ALAS-2026-3260)

The version of golist installed on the remote host is prior to 0.10.1-10. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3260 advisory. Arithmetic over induction variables in loops were not correctly checked for underflow or overflow in the Go compiler...

9.8CVSS5.9AI score0.00621EPSS
Exploits0References18
Rows per page
Query Builder