Lucene search
K

9391 matches found

Amazon
Amazon
added 2026/02/05 12:0 a.m.8 views

Medium: soci-snapshotter

Issue Overview: net/http: memory exhaustion in Request.ParseForm CVE-2025-61726 archive/zip: denial of service when parsing arbitrary ZIP archives CVE-2025-61728 crypto/tls: handshake messages may be processed at the incorrect encryption level CVE-2025-61730 crypto/tls: Config.Clone copies...

10CVSS7.5AI score0.01945EPSS
Exploits2
Amazon
Amazon
added 2026/02/05 12:0 a.m.10 views

Medium: libcap

Issue Overview: net/http: memory exhaustion in Request.ParseForm CVE-2025-61726 archive/zip: denial of service when parsing arbitrary ZIP archives CVE-2025-61728 crypto/tls: handshake messages may be processed at the incorrect encryption level CVE-2025-61730 crypto/tls: Config.Clone copies...

10CVSS7.5AI score0.01945EPSS
Exploits2
Amazon
Amazon
added 2026/02/05 12:0 a.m.9 views

Medium: capstone

Issue Overview: Capstone is a disassembly framework. In versions 6.0.0-Alpha5 and prior, Skipdata length is not bounds-checked, so a user-provided skipdata callback can make csdisasm/csdisasmiter memcpy more than 24 bytes into csinsn.bytes, causing a heap buffer overflow in the disassembly path...

7.8CVSS5.8AI score0.00191EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2026/02/05 12:0 a.m.2 views

Amazon Linux 2 : nerdctl, --advisory ALAS2-2026-3155 (ALAS-2026-3155)

The version of nerdctl installed on the remote host is prior to 2.2.1-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3155 advisory. SSH Agent servers do not validate the size of messages when processing new identity requests, which may cause the program ...

5.3CVSS6.8AI score0.00521EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/02/05 12:0 a.m.8 views

Amazon Linux 2 : cni-plugins, --advisory ALAS2-2026-3134 (ALAS-2026-3134)

The version of cni-plugins installed on the remote host is prior to 1.7.1-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3134 advisory. net/http: memory exhaustion in Request.ParseForm CVE-2025-61726 archive/zip: denial of service when parsing arbitrary...

10CVSS7.8AI score0.01945EPSS
Exploits2References10
Tenable Nessus
Tenable Nessus
added 2026/02/05 12:0 a.m.4 views

Amazon Linux 2 : ImageMagick, --advisory ALAS2-2026-3132 (ALAS-2026-3132)

The version of ImageMagick installed on the remote host is prior to 6.9.10.97-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3132 advisory. ImageMagick is free and open-source software used for editing and manipulating digital images. Versions prior to...

9.8CVSS6AI score0.00609EPSS
Exploits3References8
Tenable Nessus
Tenable Nessus
added 2026/02/05 12:0 a.m.5 views

Amazon Linux 2023 : nerdctl (ALAS2023-2026-1401)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1401 advisory. net/http: memory exhaustion in Request.ParseForm CVE-2025-61726 archive/zip: denial of service when parsing arbitrary ZIP archives CVE-2025-61728 crypto/tls: handshake messages may be processe...

10CVSS7.8AI score0.01945EPSS
Exploits2References10
Tenable Nessus
Tenable Nessus
added 2026/02/05 12:0 a.m.19 views

Amazon Linux 2023 : soci-snapshotter (ALAS2023-2026-1421)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1421 advisory. net/http: memory exhaustion in Request.ParseForm CVE-2025-61726 archive/zip: denial of service when parsing arbitrary ZIP archives CVE-2025-61728 crypto/tls: handshake messages may be processe...

10CVSS7.8AI score0.01945EPSS
Exploits2References10
Tenable Nessus
Tenable Nessus
added 2026/02/05 12:0 a.m.6 views

Amazon Linux 2 : python-pyasn1, --advisory ALAS2-2026-3148 (ALAS-2026-3148)

It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3148 advisory. pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.2, a Denial-of-Service issue has been found that leads to memory exhaustion from malformed RELATIVE-OID with excessive continuation octets. This...

7.5CVSS5.3AI score0.00679EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/02/05 12:0 a.m.3 views

Amazon Linux 2023 : python3-pip, python3-pip-wheel (ALAS2023-2026-1416)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1416 advisory. urllib3 is an HTTP client library for Python. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire...

8.9CVSS5.5AI score0.02667EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/02/05 12:0 a.m.7 views

Amazon Linux 2 : java-1.8.0-amazon-corretto, --advisory ALAS2CORRETTO8-2026-022 (ALASCORRETTO8-2026-022)

The version of java-1.8.0-amazon-corretto installed on the remote host is prior to 1.8.0482.b08-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2CORRETTO8-2026-022 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise...

7.5CVSS5.7AI score0.00864EPSS
Exploits1References10
Tenable Nessus
Tenable Nessus
added 2026/02/05 12:0 a.m.9 views

Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.10-2026-111 (ALASKERNEL-5.10-2026-111)

The version of kernel installed on the remote host is prior to 5.10.247-246.992. It is, therefore, affected by a vulnerability as referenced in the ALAS2KERNEL-5.10-2026-111 advisory. In the Linux kernel, the following vulnerability has been resolved: tcpmetrics: use dstdevnetrcu CVE-2025-40075...

5.3AI score0.00181EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/02/05 12:0 a.m.12 views

Amazon Linux 2 : kernel, --advisory ALAS2-2026-3161 (ALAS-2026-3161)

The version of kernel installed on the remote host is prior to 4.14.355-280.713. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3161 advisory. In the Linux kernel, the following vulnerability has been resolved: net: iptunnel: prevent perpetual headroom grow...

5.3CVSS6.1AI score0.00992EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/02/05 12:0 a.m.3 views

Amazon Linux 2 : nerdctl, --advisory ALAS2-2026-3146 (ALAS-2026-3146)

The version of nerdctl installed on the remote host is prior to 2.2.1-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3146 advisory. net/http: memory exhaustion in Request.ParseForm CVE-2025-61726 archive/zip: denial of service when parsing arbitrary ZIP...

10CVSS7.2AI score0.01945EPSS
Exploits2References10
Tenable Nessus
Tenable Nessus
added 2026/02/05 12:0 a.m.8 views

Amazon Linux 2023 : libpng, libpng-devel, libpng-static (ALAS2023-2026-1390)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1390 advisory. LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image files. From 1.6.51 to 1.6.53, there is a heap buffer over-rea...

7.8CVSS6.3AI score0.00224EPSS
Exploits5References6
Tenable Nessus
Tenable Nessus
added 2026/02/05 12:0 a.m.7 views

Amazon Linux 2 : golang, --advisory ALAS2-2026-3136 (ALAS-2026-3136)

The version of golang installed on the remote host is prior to 1.24.12-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3136 advisory. net/http: memory exhaustion in Request.ParseForm CVE-2025-61726 archive/zip: denial of service when parsing arbitrary ZIP...

10CVSS8.4AI score0.01945EPSS
Exploits2References14
Tenable Nessus
Tenable Nessus
added 2026/02/05 12:0 a.m.9 views

Amazon Linux 2023 : libsoup, libsoup-devel (ALAS2023-2026-1391)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1391 advisory. A flaw in libsoup's HTTP header handling allows multiple Host: headers in a request and returns the last occurrence for server-side processing. Common front proxies often honor the first Host: header, ...

8.2CVSS5.5AI score0.00496EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/02/05 12:0 a.m.10 views

Amazon Linux 2 : java-17-amazon-corretto, --advisory ALAS2-2026-3140 (ALAS-2026-3140)

The version of java-17-amazon-corretto installed on the remote host is prior to 17.0.18+9-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3140 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product...

7.5CVSS5.7AI score0.00864EPSS
Exploits1References10
Tenable Nessus
Tenable Nessus
added 2026/02/05 12:0 a.m.5 views

Amazon Linux 2023 : nodejs24, nodejs24-devel, nodejs24-full-i18n (ALAS2023-2026-1404)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1404 advisory. Bypass File System Permissions using crafted symlinks CVE-2025-55130 A flaw in Node.js's buffer allocation logic can expose uninitialized memory when allocations are interrupted, when using th...

9.1CVSS7AI score0.03782EPSS
Exploits2References18
Tenable Nessus
Tenable Nessus
added 2026/02/05 12:0 a.m.5 views

Amazon Linux 2 : python-pip, --advisory ALAS2-2026-3147 (ALAS-2026-3147)

It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3147 advisory. urllib3 is an HTTP client library for Python. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire respon...

8.9CVSS5.5AI score0.02667EPSS
Exploits0References4
Rows per page
Query Builder