Lucene search
K

633 matches found

CVE
CVE
added 2026/03/20 10:16 a.m.30 views

CVE-2026-33131

CVE-2026-33131 affects H3, a minimal HTTP framework. Versions 2.0.0-0 through 2.0.1-rc.14 expose a Host header spoofing flaw in the NodeRequestUrl/FastURL path, enabling middleware bypass when an attacker manipulates event.url properties (e.g., via Host header) so route matching succeeds but auth...

9.1CVSS5.8AI score0.00388EPSS
Exploits1References1Affected Software1
Amazon
Amazon
added 2026/02/19 12:0 a.m.9 views

Important: runc

Issue Overview: cmd/go: bypass of flag sanitization can lead to arbitrary code execution CVE-2025-61731 cmd/go: unexpected code execution when invoking toolchain CVE-2025-68119 Affected Packages: runc Note: This advisory is applicable to Amazon Linux 2 - Nitro-enclaves Extra. Visit this page to...

7.8CVSS6.4AI score0.00532EPSS
Exploits0
Amazon
Amazon
added 2026/02/19 12:0 a.m.12 views

Medium: amazon-ecr-credential-helper

Issue Overview: net/http: memory exhaustion in Request.ParseForm CVE-2025-61726 archive/zip: denial of service when parsing arbitrary ZIP archives CVE-2025-61728 crypto/tls: handshake messages may be processed at the incorrect encryption level CVE-2025-61730 crypto/tls: Config.Clone copies...

10CVSS7.5AI score0.01945EPSS
Exploits2
Amazon
Amazon
added 2026/02/19 12:0 a.m.17 views

Medium: runc

Issue Overview: net/http: memory exhaustion in Request.ParseForm CVE-2025-61726 archive/zip: denial of service when parsing arbitrary ZIP archives CVE-2025-61728 crypto/tls: handshake messages may be processed at the incorrect encryption level CVE-2025-61730 crypto/tls: Config.Clone copies...

10CVSS7.5AI score0.01945EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2026/02/19 12:0 a.m.7 views

Amazon Linux 2 : amazon-ecr-credential-helper, --advisory ALAS2NITRO-ENCLAVES-2026-087 (ALASNITRO-ENCLAVES-2026-087)

The version of amazon-ecr-credential-helper installed on the remote host is prior to 0.11.0-3. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2NITRO-ENCLAVES-2026-087 advisory. net/http: memory exhaustion in Request.ParseForm CVE-2025-61726 archive/zip: denial of...

10CVSS7.2AI score0.01945EPSS
Exploits2References10
Amazon
Amazon
added 2026/02/19 12:0 a.m.11 views

Medium: oci-add-hooks

Issue Overview: net/http: memory exhaustion in Request.ParseForm CVE-2025-61726 archive/zip: denial of service when parsing arbitrary ZIP archives CVE-2025-61728 crypto/tls: handshake messages may be processed at the incorrect encryption level CVE-2025-61730 crypto/tls: Config.Clone copies...

10CVSS5.7AI score0.01945EPSS
Exploits2
Amazon
Amazon
added 2026/02/19 12:0 a.m.16 views

Medium: docker

Issue Overview: net/http: memory exhaustion in Request.ParseForm CVE-2025-61726 archive/zip: denial of service when parsing arbitrary ZIP archives CVE-2025-61728 crypto/tls: handshake messages may be processed at the incorrect encryption level CVE-2025-61730 crypto/tls: Config.Clone copies...

10CVSS5.7AI score0.01945EPSS
Exploits2
Amazon
Amazon
added 2026/02/19 12:0 a.m.12 views

Medium: containerd

Issue Overview: net/http: memory exhaustion in Request.ParseForm CVE-2025-61726 archive/zip: denial of service when parsing arbitrary ZIP archives CVE-2025-61728 crypto/tls: handshake messages may be processed at the incorrect encryption level CVE-2025-61730 crypto/tls: Config.Clone copies...

10CVSS5.7AI score0.01945EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2026/02/19 12:0 a.m.3 views

Amazon Linux 2 : oci-add-hooks, --advisory ALAS2NITRO-ENCLAVES-2026-091 (ALASNITRO-ENCLAVES-2026-091)

The version of oci-add-hooks installed on the remote host is prior to 0-0.7.20200504git325a340. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2NITRO-ENCLAVES-2026-091 advisory. net/http: memory exhaustion in Request.ParseForm CVE-2025-61726 archive/zip: denial of...

10CVSS5.9AI score0.01945EPSS
Exploits2References10
Tenable Nessus
Tenable Nessus
added 2026/02/19 12:0 a.m.7 views

Amazon Linux 2 : runc, --advisory ALAS2NITRO-ENCLAVES-2026-089 (ALASNITRO-ENCLAVES-2026-089)

The version of runc installed on the remote host is prior to 1.3.4-2. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2NITRO-ENCLAVES-2026-089 advisory. net/http: memory exhaustion in Request.ParseForm CVE-2025-61726 archive/zip: denial of service when parsing...

10CVSS7.8AI score0.01945EPSS
Exploits2References10
Tenable Nessus
Tenable Nessus
added 2026/02/19 12:0 a.m.7 views

Amazon Linux 2 : containerd, --advisory ALAS2NITRO-ENCLAVES-2026-088 (ALASNITRO-ENCLAVES-2026-088)

The version of containerd installed on the remote host is prior to 2.1.5-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2NITRO-ENCLAVES-2026-088 advisory. net/http: memory exhaustion in Request.ParseForm CVE-2025-61726 archive/zip: denial of service when parsin...

10CVSS5.9AI score0.01945EPSS
Exploits2References10
Tenable Nessus
Tenable Nessus
added 2026/02/19 12:0 a.m.17 views

Amazon Linux 2 : docker, --advisory ALAS2NITRO-ENCLAVES-2026-090 (ALASNITRO-ENCLAVES-2026-090)

The version of docker installed on the remote host is prior to 25.0.14-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2NITRO-ENCLAVES-2026-090 advisory. net/http: memory exhaustion in Request.ParseForm CVE-2025-61726 archive/zip: denial of service when parsing...

10CVSS5.9AI score0.01945EPSS
Exploits2References10
Tenable Nessus
Tenable Nessus
added 2026/02/19 12:0 a.m.10 views

Amazon Linux 2 : runc, --advisory ALAS2NITRO-ENCLAVES-2026-092 (ALASNITRO-ENCLAVES-2026-092)

The version of runc installed on the remote host is prior to 1.3.4-2. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2NITRO-ENCLAVES-2026-092 advisory. cmd/go: bypass of flag sanitization can lead to arbitrary code execution CVE-2025-61731 cmd/go: unexpected code...

8.6CVSS6.5AI score0.00532EPSS
Exploits0References6
Fedora
Fedora
added 2026/02/11 1:0 a.m.9 views

[SECURITY] Fedora 42 Update: rust-eif_build-0.2.1-6.fc42

This CLI tool provides a low level path to assemble an enclave image format EIF file used in AWS Nitro Enclaves...

7.5CVSS5.5AI score0.00443EPSS
Exploits1
Fedora
Fedora
added 2026/02/10 1:34 a.m.6 views

[SECURITY] Fedora 43 Update: rust-eif_build-0.2.1-6.fc43

This CLI tool provides a low level path to assemble an enclave image format EIF file used in AWS Nitro Enclaves...

7.5CVSS5.5AI score0.00443EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2026/02/05 12:0 a.m.6 views

Amazon Linux 2023 : aws-nitro-enclaves-cli, aws-nitro-enclaves-cli-devel, aws-nitro-enclaves-cli-integration-tests (ALAS2023-2026-1371)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1371 advisory. openssl: rust-openssl Use-After-Free in Md::fetch and Cipher::fetch CVE-2025-3416 Tenable has extracted the preceding description block directly from the tested product security advisory. Note that...

3.7CVSS5.4AI score0.00486EPSS
Exploits0References4
Amazon
Amazon
added 2026/02/05 12:0 a.m.10 views

Medium: aws-nitro-enclaves-cli

Issue Overview: openssl: rust-openssl Use-After-Free in Md::fetch and Cipher::fetch CVE-2025-3416 Affected Packages: aws-nitro-enclaves-cli Note: This advisory is applicable to Amazon Linux 2 - Nitro-enclaves Extra. Visit this page to learn more about Amazon Linux 2 AL2 Extras and this FAQ sectio...

3.7CVSS5.4AI score0.00486EPSS
Exploits0
Amazon
Amazon
added 2026/02/05 12:0 a.m.5 views

Medium: aws-nitro-enclaves-cli

Issue Overview: openssl: rust-openssl Use-After-Free in Md::fetch and Cipher::fetch CVE-2025-3416 Affected Packages: aws-nitro-enclaves-cli Issue Correction: Run dnf update aws-nitro-enclaves-cli --releasever 2023.10.20260202 or dnf update --advisory ALAS2023-2026-1371 --releasever 2023.10.202602...

3.7CVSS5.4AI score0.00486EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/02/05 12:0 a.m.6 views

Amazon Linux 2 : aws-nitro-enclaves-cli, --advisory ALAS2NITRO-ENCLAVES-2026-086 (ALASNITRO-ENCLAVES-2026-086)

The version of aws-nitro-enclaves-cli installed on the remote host is prior to 1.4.4-0. It is, therefore, affected by a vulnerability as referenced in the ALAS2NITRO-ENCLAVES-2026-086 advisory. openssl: rust-openssl Use-After-Free in Md::fetch and Cipher::fetch CVE-2025-3416 Tenable has extracted...

3.7CVSS5.5AI score0.00486EPSS
Exploits0References4
Amazon
Amazon
added 2026/01/22 12:0 a.m.14 views

Important: docker

Issue Overview: SSH Agent servers do not validate the size of messages when processing new identity requests, which may cause the program to panic if the message is malformed due to an out of bounds read. CVE-2025-47914 SSH servers parsing GSSAPI authentication requests do not validate the number...

7.5CVSS6.8AI score0.00585EPSS
Exploits3
Rows per page
Query Builder