Lucene search
K

30 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.7 views

Amazon Linux 2023 : aspnetcore-runtime-10.0, aspnetcore-runtime-dbg-10.0, aspnetcore-targeting-pack-10.0 (ALAS2023-2026-1867)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1867 advisory. Improper authorization in .NET allows an authorized attacker to elevate privileges locally. CVE-2026-45490 Improper link resolution before file access 'link following' in .NET allows an...

7.8CVSS5.8AI score0.0243EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/06/08 12:0 a.m.10 views

Amazon Linux 2 : amazon-ssm-agent, --advisory ALAS2-2026-3350 (ALAS-2026-3350)

The version of amazon-ssm-agent installed on the remote host is prior to 3.3.4515.0-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3350 advisory. When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it...

7.5CVSS5.5AI score0.00781EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/05/15 12:0 a.m.17 views

Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.15-2026-103 (ALASKERNEL-5.15-2026-103)

The version of kernel installed on the remote host is prior to 5.15.204-143.231. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.15-2026-103 advisory. In the Linux kernel, the following vulnerability has been resolved: net: skbuff: propagate shared-frag...

8.8CVSS6.3AI score0.03663EPSS
Exploits18References6
Tenable Nessus
Tenable Nessus
added 2026/05/09 12:0 a.m.19 views

Amazon Linux 2 : runc, --advisory ALAS2ECS-2026-114 (ALASECS-2026-114)

The version of runc installed on the remote host is prior to 1.3.4-4. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2ECS-2026-114 advisory. Arithmetic over induction variables in loops were not correctly checked for underflow or overflow in the Go compiler...

9.8CVSS6.9AI score0.00621EPSS
Exploits0References18
Tenable Nessus
Tenable Nessus
added 2026/04/01 12:0 a.m.8 views

Amazon Linux 2 : perl-YAML-Syck, --advisory ALAS2-2026-3216 (ALAS-2026-3216)

The version of perl-YAML-Syck installed on the remote host is prior to 1.27-3. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3216 advisory. YAML::Syck versions through 1.36 for Perl has several potential security vulnerabilities including a high- severity heap buff...

9.1CVSS6.2AI score0.00429EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/01/05 12:0 a.m.3 views

Amazon Linux 2 : ecs-init, --advisory ALAS2ECS-2025-092 (ALASECS-2025-092)

The version of ecs-init installed on the remote host is prior to 1.82.2-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2ECS-2025-092 advisory. A denial-of-service vulnerability exists in github.com/sirupsen/logrus when using Entry.Writer to log a single-line payload...

7.5CVSS7.5AI score0.00585EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2025/12/08 12:0 a.m.8 views

Amazon Linux 2 : audiofile, --advisory ALAS2-2025-3087 (ALAS-2025-3087)

The version of audiofile installed on the remote host is prior to 0.3.6-10. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-3087 advisory. Audiofile v0.3.7 was discovered to contain a NULL pointer dereference via the ModuleState::setup function. CVE-2025-50950 Tenabl...

7.5CVSS5.5AI score0.0033EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2025/11/11 12:0 a.m.5 views

Amazon Linux 2 : amazon-efs-utils, --advisory ALAS2-2025-3076 (ALAS-2025-3076)

The version of amazon-efs-utils installed on the remote host is prior to 2.4.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-3076 advisory. regex is an implementation of regular expressions for the Rust language. The regex crate features built-in...

7.5CVSS7.2AI score0.1446EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2025/10/15 12:0 a.m.5 views

Amazon Linux 2023 : libnvjpeg-12, libnvjpeg-devel-12 (ALAS2023NVIDIA-2025-197)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023NVIDIA-2025-197 advisory. NVIDIA nvJPEG library contains a vulnerability where an attacker can cause an out-of-bounds read by means of a specially crafted JPEG file. A successful exploit of this vulnerability might lead to...

5.7CVSS5.4AI score0.00141EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/10/15 12:0 a.m.4 views

Amazon Linux 2 : polkit, --advisory ALAS2-2025-3024 (ALAS-2025-3024)

The version of polkit installed on the remote host is prior to 0.112-26. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-3024 advisory. A flaw was found in polkit. When processing an XML policy with 32 or more nested elements in depth, an out-of-bounds write can be...

6.7CVSS6.3AI score0.00184EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/10/15 12:0 a.m.7 views

Amazon Linux 2 : compat-libtiff3, --advisory ALAS2-2025-3021 (ALAS-2025-3021)

The version of compat-libtiff3 installed on the remote host is prior to 3.9.4-12. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-3021 advisory. Write-What-Where in libtiff via TIFFReadRGBAImageOriented CVE-2025-9900 Tenable has extracted the preceding description...

8.8CVSS6AI score0.00739EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/10/15 12:0 a.m.6 views

Amazon Linux 2 : amazon-ecr-credential-helper, --advisory ALAS2ECS-2025-075 (ALASECS-2025-075)

The version of amazon-ecr-credential-helper installed on the remote host is prior to 0.10.1-2. It is, therefore, affected by a vulnerability as referenced in the ALAS2ECS-2025-075 advisory. Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially leaking...

6.8CVSS6.5AI score0.0056EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/09/04 12:0 a.m.7 views

Amazon Linux 2 : krb5, --advisory ALAS2-2025-2985 (ALAS-2025-2985)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2985 advisory. krb5: overflow when calculating ulog block size CVE-2025-24528 A vulnerability in the MIT Kerberos implementation allows GSSAPI-protected messages using RC4-HMAC-MD5 to be spoofed due to weakness...

7.1CVSS6.9AI score0.00606EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2025/09/04 12:0 a.m.5 views

Amazon Linux 2 : vorbis-tools, --advisory ALAS2-2025-2983 (ALAS-2025-2983)

The version of vorbis-tools installed on the remote host is prior to 1.4.0-13. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2983 advisory. Buffer Overflow vulnerability in Vorbis-tools v.1.4.2 allows a local attacker to execute arbitrary code and cause a denial of...

7.8CVSS7.7AI score0.00448EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2025/08/19 12:0 a.m.6 views

Amazon Linux 2 : mod_security (ALAS-2025-2963)

The version of modsecurity installed on the remote host is prior to 2.9.11-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2963 advisory. ModSecurity is an open source, cross platform web application firewall WAF engine for Apache, IIS and Nginx. In versions 2.9.8...

6.5CVSS8.2AI score0.00346EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/06/12 12:0 a.m.7 views

Amazon Linux 2 : mod_security (ALAS-2025-2887)

The version of modsecurity installed on the remote host is prior to 2.9.10-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2887 advisory. ModSecurity is an open source, cross platform web application firewall WAF engine for Apache, IIS and Nginx. Versions...

7.5CVSS7.7AI score0.0076EPSS
Exploits2References6
Tenable Nessus
Tenable Nessus
added 2025/05/29 12:0 a.m.21 views

Amazon Linux 2 : open-vm-tools (ALAS-2025-2864)

The version of open-vm-tools installed on the remote host is prior to 12.3.0-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2864 advisory. VMware Tools contains an insecure file handling vulnerability. A malicious actor with non-administrative privileges on a gue...

6.1CVSS6.5AI score0.00247EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/05/29 12:0 a.m.12 views

Amazon Linux 2 : postgresql (ALAS-2025-2866)

The version of postgresql installed on the remote host is prior to 9.2.24-8. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2866 advisory. Improper neutralization of quoting syntax in PostgreSQL libpq functions PQescapeLiteral, PQescapeIdentifier, PQescapeString, an...

8.1CVSS8.2AI score0.89472EPSS
Exploits10References4
Tenable Nessus
Tenable Nessus
added 2025/04/30 12:0 a.m.11 views

Amazon Linux AMI : python26 (ALAS-2025-1972)

The version of python26 installed on the remote host is prior to 2.6.9-2.92. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2025-1972 advisory. A CRLF injection flaw was discovered in python in the way URLs are handled when doing an HTTP/HTTPS connection e.g...

7.5CVSS7.2AI score0.06304EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2025/04/22 12:0 a.m.14 views

Amazon Linux AMI : golang (ALAS-2025-1971)

The version of golang installed on the remote host is prior to 1.23.7-1.50. It is, therefore, affected by a vulnerability as referenced in the ALAS-2025-1971 advisory. Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a...

7.5CVSS7.1AI score0.01403EPSS
Exploits0References4
Rows per page
Query Builder