Lucene search
K

64 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.12 views

Amazon Linux 2 : ImageMagick, --advisory ALAS2-2026-3373 (ALAS-2026-3373)

The version of ImageMagick installed on the remote host is prior to 6.9.10.97-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3373 advisory. ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions...

7.5CVSS6.1AI score0.00346EPSS
Exploits0References14
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.7 views

Amazon Linux 2 : python-pip, --advisory ALAS2-2026-3358 (ALAS-2026-3358)

It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3358 advisory. A flaw was found in pip, the package installer for Python. A remote attacker can exploit this vulnerability by tricking a victim into installing a malicious Python wheel. This wheel contains specially...

8CVSS6.2AI score0.0032EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.7 views

Amazon Linux 2 : perl-DBI, --advisory ALAS2-2026-3361 (ALAS-2026-3361)

The version of perl-DBI installed on the remote host is prior to 1.627-4. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3361 advisory. DBI versions before 1.648 for Perl have a heap overflow when preparsing SQL statements with more than 9 binders. The...

9.8CVSS6.2AI score0.00413EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.5 views

Amazon Linux 2 : golist, --advisory ALAS2-2026-3382 (ALAS-2026-3382)

The version of golist installed on the remote host is prior to 0.10.1-10. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3382 advisory. x509.Certificate.VerifyHostname previously called matchHostnames in a loop over all DNS Subject Alternative Name SAN...

7.5CVSS6.3AI score0.00904EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/06/08 12:0 a.m.8 views

Amazon Linux 2 : perl-YAML-Syck, --advisory ALAS2-2026-3327 (ALAS-2026-3327)

The version of perl-YAML-Syck installed on the remote host is prior to 1.27-3. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3327 advisory. YAML::Syck versions before 1.38 for Perl has an out-of-bounds read. The base60 sexagesimal parsing code in perlsyck.h has a...

7.3CVSS5.9AI score0.00333EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/08 12:0 a.m.11 views

Amazon Linux 2 : python-mako, --advisory ALAS2-2026-3333 (ALAS-2026-3333)

The version of python-mako installed on the remote host is prior to 0.8.1-2. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3333 advisory. Mako is a template library written in Python. Prior to 1.3.11, TemplateLookup.gettemplate is vulnerable to path traversal when ...

8.7CVSS5.5AI score0.00361EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/08 12:0 a.m.16 views

Amazon Linux 2 : nerdctl, --advisory ALAS2-2026-3334 (ALAS-2026-3334)

The version of nerdctl installed on the remote host is prior to 2.2.2-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3334 advisory. Parsing arbitrary HTML can consume excessive CPU time, possibly leading to denial of service. CVE-2026-25680 Parsing...

10CVSS6.1AI score0.005EPSS
Exploits0References40
Tenable Nessus
Tenable Nessus
added 2026/05/14 12:0 a.m.9 views

Amazon Linux 2 : libXpm, --advisory ALAS2-2026-3291 (ALAS-2026-3291)

The version of libXpm installed on the remote host is prior to 3.5.12-9. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3291 advisory. As per upstream advisory: libXpm Out-of-bounds read in xpmNextWord CVE-2026-4367 Tenable has extracted the preceding description...

5.5CVSS4.9AI score0.00129EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/05/14 12:0 a.m.15 views

Amazon Linux 2 : python-tornado, --advisory ALAS2-2026-3286 (ALAS-2026-3286)

The version of python-tornado installed on the remote host is prior to 4.2.1-3. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3286 advisory. In Tornado before 6.5.5, cookie attribute injection could occur because the domain, path, and samesite arguments to...

7.2CVSS5.8AI score0.00237EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/05/14 12:0 a.m.17 views

Amazon Linux 2 : python3, --advisory ALAS2-2026-3281 (ALAS-2026-3281)

The version of python3 installed on the remote host is prior to 3.7.16-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3281 advisory. Mitgation of CVE-2026-4519 was incomplete. If the URL contained %action the mitigation could be bypassed for certain...

9.1CVSS5.8AI score0.00579EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/05/09 12:0 a.m.10 views

Amazon Linux 2 : kernel, --advisory ALAS2-2026-3302 (ALAS-2026-3302)

The version of kernel installed on the remote host is prior to 4.14.355-282.728. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3302 advisory. In the Linux kernel, the following vulnerability has been resolved:xfrm: esp: avoid in-place decrypt on shared skb...

8.8CVSS6.1AI score0.93235EPSS
Exploits33References6
Tenable Nessus
Tenable Nessus
added 2026/05/05 12:0 a.m.12 views

Amazon Linux 2 : kernel, --advisory ALAS2-2026-3289 (ALAS-2026-3289)

The version of kernel installed on the remote host is prior to 4.14.355-281.727. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3289 advisory. In the Linux kernel, the following vulnerability has been resolved: crypto: authencesn - reject too-short AAD...

7.8CVSS6.9AI score0.96267EPSS
Exploits228References14
Tenable Nessus
Tenable Nessus
added 2026/04/30 12:0 a.m.14 views

Amazon Linux 2 : gstreamer-plugins-good, --advisory ALAS2-2026-3250 (ALAS-2026-3250)

The version of gstreamer-plugins-good installed on the remote host is prior to 0.10.31-20. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3250 advisory. An out-of-bounds read in the WAV parser that can cause crashes for certain input files. CVE-2026-1940 Tenable has...

7.5CVSS7.3AI score0.00225EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/30 12:0 a.m.7 views

Amazon Linux 2 : thunderbird, --advisory ALAS2-2026-3271 (ALAS-2026-3271)

The version of thunderbird installed on the remote host is prior to 140.9.1-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3271 advisory. Memory safety bugs present in Firefox ESR 115.34.0, Firefox ESR 140.9.0, Thunderbird ESR 140.9.0, Firefox 149.0.1 an...

9.8CVSS6.2AI score0.0035EPSS
Exploits0References8
Amazon
Amazon
added 2026/04/30 12:0 a.m.11 views

Medium: libpng

Issue Overview: Use-after-free in pngsetPLTE, pngsettRNS and pngsethIST in libpng before 1.6.57. Passing a pointer returned by the corresponding getter back into the setter causes the setter to read from a stale pointer after freeing the internal buffer, leading to corrupted chunk data and...

5.1CVSS5.2AI score0.00195EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2026/04/30 12:0 a.m.18 views

Amazon Linux 2 : nerdctl, --advisory ALAS2-2026-3265 (ALAS-2026-3265)

The version of nerdctl installed on the remote host is prior to 2.2.2-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3265 advisory. Arithmetic over induction variables in loops were not correctly checked for underflow or overflow in the Go compiler...

9.8CVSS6.1AI score0.00651EPSS
Exploits0References22
Tenable Nessus
Tenable Nessus
added 2026/04/30 12:0 a.m.12 views

Amazon Linux 2 : xorg-x11-server, --advisory ALAS2-2026-3268 (ALAS-2026-3268)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3268 advisory. XKB Integer Underflow in XkbSetCompatMap CVE-2026-33999 XSYNC Use-after-free in miSyncTriggerFence CVE-2026-34001 XKB Out-of-bounds read in CheckModifierMap CVE-2026-34002 XKB Buffer overflow in...

9.1CVSS5.9AI score0.00489EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2026/04/14 12:0 a.m.5 views

Amazon Linux 2 : perl-XML-Parser, --advisory ALAS2-2026-3230 (ALAS-2026-3230)

The version of perl-XML-Parser installed on the remote host is prior to 2.41-10. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3230 advisory. XML::Parser versions through 2.47 for Perl could overflow the pre-allocated buffer size cause a heap corruption...

9.8CVSS6.1AI score0.00604EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/04/14 12:0 a.m.7 views

Amazon Linux 2 : libtiff, --advisory ALAS2-2026-3235 (ALAS-2026-3235)

The version of libtiff installed on the remote host is prior to 4.0.3-35. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3235 advisory. A flaw was found in the libtiff library. A remote attacker could exploit a signed integer overflow vulnerability in the...

7.8CVSS6AI score0.00553EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/14 12:0 a.m.4 views

Amazon Linux 2 : libvncserver, --advisory ALAS2-2026-3247 (ALAS-2026-3247)

The version of libvncserver installed on the remote host is prior to 0.9.9-14. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3247 advisory. LibVNCServer versions 0.9.15 and prior fixed in commit 009008e contain a heap out-of-bounds read vulnerability in th...

8.1CVSS5.9AI score0.05322EPSS
Exploits2References6
Rows per page
Query Builder