Lucene search
K

9396 matches found

Amazon
Amazon
added 2026/05/05 12:0 a.m.8 views

Medium: ecs-service-connect-agent

Issue Overview: Envoy is a cloud-native high-performance edge/middle/service proxy. A security vulnerability in Envoy allows external clients to manipulate Envoy headers, potentially leading to unauthorized access or other malicious actions within the mesh. This issue arises due to Envoy's defaul...

7.5CVSS7.3AI score0.16212EPSS
Exploits2
Amazon
Amazon
added 2026/05/05 12:0 a.m.10 views

Medium: docker

Issue Overview: Moby is an open source container framework. Prior to version 29.3.1, a security vulnerability has been detected that allows plugins privilege validation to be bypassed during docker plugin install. Due to an error in the daemon's privilege comparison logic, the daemon may...

8.1CVSS5.8AI score0.00387EPSS
Exploits0
Amazon
Amazon
added 2026/05/05 12:0 a.m.16 views

Important: kernel-livepatch-6.18.15-14.217

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: crypto: algifaead - Revert to operating out-of-place To mitigate this issue, we recommend that customers disable loading of the algifaead module by running the following commands: echo "install algifaead /bin/fals...

7.8CVSS6AI score0.96267EPSS
Exploits228
Amazon
Amazon
added 2026/05/05 12:0 a.m.15 views

Important: kernel-livepatch-6.12.80-105.147

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: crypto: algifaead - Revert to operating out-of-place To mitigate this issue, we recommend that customers disable loading of the algifaead module by running the following commands: echo "install algifaead /bin/fals...

7.8CVSS6AI score0.96267EPSS
Exploits228
Tenable Nessus
Tenable Nessus
added 2026/05/05 12:0 a.m.14 views

Amazon Linux 2023 : ecs-service-connect-agent (ALAS2023-2026-1664)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1664 advisory. Envoy is a cloud-native high-performance edge/middle/service proxy. Envoy's 1.31 is using oghttp as the default HTTP/2 codec, and there are potential bugs around stream management in the codec. To...

7.5CVSS7AI score0.00495EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/05/05 12:0 a.m.10 views

Amazon Linux 2 : docker, --advisory ALAS2ECS-2026-113 (ALASECS-2026-113)

The version of docker installed on the remote host is prior to 25.0.14-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2ECS-2026-113 advisory. Moby is an open source container framework. Prior to version 29.3.1, a security vulnerability has been detected that...

8.4CVSS5.8AI score0.00387EPSS
Exploits0References6
Amazon
Amazon
added 2026/05/05 12:0 a.m.17 views

Important: kernel6.18

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: crypto: algifaead - Revert to operating out-of-place To mitigate this issue, we recommend that customers disable loading of the algifaead module by running the following commands as an administrator user: echo...

7.8CVSS7AI score0.96267EPSS
Exploits228
Tenable Nessus
Tenable Nessus
added 2026/05/05 12:0 a.m.21 views

Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.10-2026-116 (ALASKERNEL-5.10-2026-116)

The version of kernel installed on the remote host is prior to 5.10.252-250.1016. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.10-2026-116 advisory. In the Linux kernel, the following vulnerability has been resolved:crypto: algifaead - Revert to...

7.8CVSS7.4AI score0.96267EPSS
Exploits228References12
Tenable Nessus
Tenable Nessus
added 2026/05/05 12:0 a.m.15 views

Amazon Linux 2023 : bpftool6.18, kernel6.18, kernel6.18-devel (ALAS2023-2026-1649)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1649 advisory. In the Linux kernel, the following vulnerability has been resolved:crypto: algifaead - Revert to operating out-of-place To mitigate this issue, we recommend that customers disable loading of t...

7.8CVSS7.4AI score0.96267EPSS
Exploits228References16
Tenable Nessus
Tenable Nessus
added 2026/05/05 12:0 a.m.12 views

Amazon Linux 2023 : bpftool6.12, kernel6.12, kernel6.12-devel (ALAS2023-2026-1650)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1650 advisory. In the Linux kernel, the following vulnerability has been resolved:crypto: algifaead - Revert to operating out-of-place To mitigate this issue, we recommend that customers disable loading of t...

7.8CVSS7.3AI score0.96267EPSS
Exploits228References12
Tenable Nessus
Tenable Nessus
added 2026/05/05 12:0 a.m.16 views

Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.15-2026-101 (ALASKERNEL-5.15-2026-101)

The version of kernel installed on the remote host is prior to 5.15.202-142.235. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.15-2026-101 advisory. In the Linux kernel, the following vulnerability has been resolved:crypto: algifaead - Revert to operati...

7.8CVSS7.4AI score0.96267EPSS
Exploits228References12
Amazon
Amazon
added 2026/05/05 12:0 a.m.17 views

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: crypto: algifaead - Revert to operating out-of-place To mitigate this issue, we recommend that customers disable loading of the algifaead module by running the following commands as an administrator user: echo...

7.8CVSS6.8AI score0.96267EPSS
Exploits228
OSV
OSV
added 2026/05/02 1:10 a.m.8 views

CLSA-2026-1777544655 rsync: Fix of 2 CVEs

CVE-2024-12086: prevent server from reading arbitrary client files via path traversal - CVE-2025-10158: fix invalid access to files array in sender - Add upstream stability fix RsyncProject/rsync PR 706: use-after-free in generator - Enable Amazon Linux 2 ELS...

6.8CVSS5.9AI score0.01761EPSS
Exploits1References1
Amazon
Amazon
added 2026/04/30 12:0 a.m.8 views

Important: dotnet8.0

Issue Overview: Uncontrolled resource consumption in .NET allows an unauthorized attacker to deny service over a network. CVE-2026-26171 Improper neutralization of special elements in .NET allows an unauthorized attacker to perform spoofing over a network. CVE-2026-32178 Stack-based buffer overfl...

7.5CVSS6.2AI score0.02279EPSS
Exploits0
Amazon
Amazon
added 2026/04/30 12:0 a.m.8 views

Important: firefox

Issue Overview: Memory safety bugs present in Firefox ESR 115.34.0, Firefox ESR 140.9.0, Thunderbird ESR 140.9.0, Firefox 149.0.1 and Thunderbird 149.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run...

9.8CVSS6AI score0.0035EPSS
Exploits0
Amazon
Amazon
added 2026/04/30 12:0 a.m.7 views

Important: firefox

Issue Overview: Memory safety bugs present in Firefox ESR 115.34.0, Firefox ESR 140.9.0, Thunderbird ESR 140.9.0, Firefox 149.0.1 and Thunderbird 149.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run...

9.8CVSS6.1AI score0.0035EPSS
Exploits0
Amazon
Amazon
added 2026/04/30 12:0 a.m.13 views

Important: thunderbird

Issue Overview: Memory safety bugs present in Firefox ESR 115.34.0, Firefox ESR 140.9.0, Thunderbird ESR 140.9.0, Firefox 149.0.1 and Thunderbird 149.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run...

9.8CVSS6AI score0.0035EPSS
Exploits0
Amazon
Amazon
added 2026/04/30 12:0 a.m.13 views

Important: tigervnc

Issue Overview: XKB Integer Underflow in XkbSetCompatMap CVE-2026-33999 XSYNC Use-after-free in miSyncTriggerFence CVE-2026-34001 XKB Out-of-bounds read in CheckModifierMap CVE-2026-34002 XKB Buffer overflow in CheckKeyTypes CVE-2026-34003 Affected Packages: tigervnc Note: This advisory is...

7.8CVSS5.3AI score0.00489EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/04/30 12:0 a.m.11 views

Amazon Linux 2 : dovecot, --advisory ALAS2-2026-3252 (ALAS-2026-3252)

The version of dovecot installed on the remote host is prior to 2.2.36-6. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3252 advisory. Doveadm credentials are verified using direct comparison which is susceptible to timing oracle attack. An attacker can us...

7.5CVSS5.7AI score0.00667EPSS
Exploits2References6
Tenable Nessus
Tenable Nessus
added 2026/04/30 12:0 a.m.7 views

Amazon Linux 2023 : maven3.9, maven3.9-amazon-corretto8, maven3.9-amazon-corretto11 (ALAS2023-2026-1602)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1602 advisory. Directory Traversal vulnerability in the extractFile method of org.codehaus.plexus.util.Expand in plexus- utils before 6d780b3378829318ba5c2d29547e0012d5b29642. This allows an attacker to execute...

8.8CVSS6.1AI score0.00663EPSS
Exploits0References4
Rows per page
Query Builder