Lucene search
K

9394 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/08 12:0 a.m.8 views

Amazon Linux 2023 : composer (ALAS2023-2026-1800)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1800 advisory. Github Actions issued GITHUBTOKEN disclosure in GitHub Actions logs CVE-2026-45793 Tenable has extracted the preceding description block directly from the tested product security advisory. Note that...

5.8AI score0.00079EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/08 12:0 a.m.9 views

Amazon Linux 2023 : perl-HTTP-Tiny, perl-HTTP-Tiny-tests (ALAS2023-2026-1765)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1765 advisory. HTTP::Tiny versions before 0.093 for Perl do not validate CRLF in HTTP request lines or control field header values. The unvalidated inputs are the method and URI in the request line, the URL host that...

6.5CVSS5.6AI score0.00227EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/08 12:0 a.m.9 views

Amazon Linux 2023 : vorbis-tools (ALAS2023-2026-1812)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1812 advisory. A buffer underflow vulnerability has been identified in the ogg123 utility from the vorbis-tools 1.4.3 package in function remotethread in remote.c. This vulnerability occurs in the remote control...

8.2CVSS5.9AI score0.00515EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/08 12:0 a.m.14 views

Amazon Linux 2 : atril, --advisory ALAS2MATE-DESKTOP1.X-2026-011 (ALASMATE-DESKTOP1.X-2026-011)

The version of atril installed on the remote host is prior to 1.20.2-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2MATE-DESKTOP1.X-2026-011 advisory. CVE-2026-46529 is a command injection vulnerability in Evince, Atril, and Xreader caused by missing quoting of...

8.4CVSS5.6AI score0.00529EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/08 12:0 a.m.15 views

Amazon Linux 2 : docker, --advisory ALAS2NITRO-ENCLAVES-2026-108 (ALASNITRO-ENCLAVES-2026-108)

The version of docker installed on the remote host is prior to 25.0.16-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2NITRO-ENCLAVES-2026-108 advisory. The RSA and DSA public key parsers did not enforce size limits on key parameters. A crafted public key with ...

10CVSS6.9AI score0.03092EPSS
Exploits2References16
Amazon
Amazon
added 2026/06/08 12:0 a.m.11 views

Important: amazon-ssm-agent

Issue Overview: When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a SETTINGSMAXFRAMESIZE with a value of 0. CVE-2026-33814 Affected Packages: amazon-ssm-agent Issue Correction: Run dnf update amazon-ssm-agent --releasever...

7.5CVSS5.4AI score0.00781EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/08 12:0 a.m.12 views

Amazon Linux 2023 : postgresql17, postgresql17-contrib, postgresql17-llvmjit (ALAS2023-2026-1766)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1766 advisory. Missing authorization in PostgreSQL CREATE TYPE allows an object creator to hijack other queries that use searchpath to find user-defined types, including extension-defined types. That is to...

8.8CVSS6.7AI score0.00668EPSS
Exploits0References22
Tenable Nessus
Tenable Nessus
added 2026/06/08 12:0 a.m.10 views

Amazon Linux 2 : ecs-init, --advisory ALAS2ECS-2026-120 (ALASECS-2026-120)

The version of ecs-init installed on the remote host is prior to 1.103.2-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2ECS-2026-120 advisory. When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory an...

7.5CVSS5.9AI score0.00813EPSS
Exploits0References16
Tenable Nessus
Tenable Nessus
added 2026/06/08 12:0 a.m.41 views

Amazon Linux 2023 : libssh2, libssh2-devel (ALAS2023-2026-1779)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1779 advisory. A security vulnerability has been detected in libssh2 up to 1.11.1. The impacted element is the function userauthpassword of the file src/userauth.c. Such manipulation of the argument...

9.1CVSS7.3AI score0.00466EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/08 12:0 a.m.10 views

Amazon Linux 2023 : nginx, nginx-all-modules, nginx-core (ALAS2023-2026-1773)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1773 advisory. NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttprewritemodule module. This vulnerability exists when a rewrite directive uses a regex pattern with distinct, overlapping Perl-...

9.2CVSS6.1AI score0.04261EPSS
Exploits3References4
Tenable Nessus
Tenable Nessus
added 2026/06/08 12:0 a.m.8 views

Amazon Linux 2 : postgresql, --advisory ALAS2POSTGRESQL14-2026-024 (ALASPOSTGRESQL14-2026-024)

The version of postgresql installed on the remote host is prior to 14.23-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2POSTGRESQL14-2026-024 advisory. Missing authorization in PostgreSQL CREATE TYPE allows an object creator to hijack other queries that use...

8.8CVSS6.7AI score0.00668EPSS
Exploits0References18
Tenable Nessus
Tenable Nessus
added 2026/06/08 12:0 a.m.11 views

Amazon Linux 2 : 389-ds-base, --advisory ALAS2-2026-3339 (ALAS-2026-3339)

The version of 389-ds-base installed on the remote host is prior to 1.3.10.2-17. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3339 advisory. A flaw was found in 389-ds-base. The getldapmessagecontrolsext function in the LDAP server does not enforce an upper bound ...

7.5CVSS5.9AI score0.00815EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/08 12:0 a.m.9 views

Amazon Linux 2 : runfinch-finch, --advisory ALAS2DOCKER-2026-128 (ALASDOCKER-2026-128)

The version of runfinch-finch installed on the remote host is prior to 1.17.1-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2DOCKER-2026-128 advisory. An authenticated SSH client that repeatedly opened channels which were rejected by the server caused unbounde...

10CVSS5.8AI score0.005EPSS
Exploits0References28
Tenable Nessus
Tenable Nessus
added 2026/06/08 12:0 a.m.12 views

Amazon Linux 2023 : device-mapper-persistent-data (ALAS2023-2026-1791)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1791 advisory. An unsoundness issue RUSTSEC-2026-0097 was found in the bundled Rust rand crate used by device-mapper- persistent-data. ThreadRng methods use unsafe code that can create aliased mutable references when...

5.6AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/08 12:0 a.m.12 views

Amazon Linux 2 : unbound, --advisory ALAS2-2026-3322 (ALAS-2026-3322)

The version of unbound installed on the remote host is prior to 1.7.3-15. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3322 advisory. NLnet Labs Unbound 1.19.1 up to and including version 1.25.0 has a vulnerability in the DNSSEC validator that enables...

10CVSS6.4AI score0.01272EPSS
Exploits0References16
Tenable Nessus
Tenable Nessus
added 2026/06/08 12:0 a.m.8 views

Amazon Linux 2023 : radvd (ALAS2023-2026-1799)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1799 advisory. Stack Buffer Overflow in radvdump Route Information Option Parser NOTE: https://github.com/radvd-project/radvd/security/advisories/GHSA-52px-gh9p-m379 CVE-2026-48715 Tenable has extracted the preceding...

8.8CVSS5.9AI score0.00203EPSS
Exploits0References4
Amazon
Amazon
added 2026/06/08 12:0 a.m.10 views

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: scsi: target: iscsi: Fix a race condition between loginwork and the login thread CVE-2022-50350 In the Linux kernel, the following vulnerability has been resolved: fuse: reject oversized dirents in page cache...

8.8CVSS4.8AI score0.00129EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2026/06/08 12:0 a.m.25 views

Amazon Linux 2023 : capstone, capstone-devel, capstone-java (ALAS2023-2026-1772)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1772 advisory. Capstone is a disassembly framework. In versions 6.0.0-Alpha5 and prior, an unchecked vsnprintf return in SStreamconcat lets a malicious csoptmem.vsnprintf drive SStream's index negative or past the en...

9.8CVSS7.8AI score0.00163EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/08 12:0 a.m.13 views

Amazon Linux 2 : capstone, --advisory ALAS2-2026-3351 (ALAS-2026-3351)

The version of capstone installed on the remote host is prior to 3.0.5-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3351 advisory. Capstone is a disassembly framework. In versions 6.0.0-Alpha5 and prior, an unchecked vsnprintf return in SStreamconcat lets a...

9.8CVSS7.8AI score0.00163EPSS
Exploits0References4
Amazon
Amazon
added 2026/06/08 12:0 a.m.10 views

Medium: capstone

Issue Overview: Capstone is a disassembly framework. In versions 6.0.0-Alpha5 and prior, an unchecked vsnprintf return in SStreamconcat lets a malicious csoptmem.vsnprintf drive SStream's index negative or past the end, leading to a stack buffer underflow/overflow when the next write occurs. Comm...

9.8CVSS7.7AI score0.00163EPSS
Exploits0
Rows per page
Query Builder