Lucene search
K

9394 matches found

Tenable Nessus
Tenable Nessus
added 2026/02/05 12:0 a.m.4 views

Amazon Linux 2023 : python3.13-pip, python3.13-pip-wheel (ALAS2023-2026-1413)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1413 advisory. urllib3 is an HTTP client library for Python. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire...

8.9CVSS5.5AI score0.02667EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/02/05 12:0 a.m.5 views

Amazon Linux 2 : python3-urllib3, --advisory ALAS2-2026-3131 (ALAS-2026-3131)

The version of python3-urllib3 installed on the remote host is prior to 1.25.6-2. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3131 advisory. urllib3 is an HTTP client library for Python. urllib3's streaming API is designed for the efficient handling of large HTTP...

8.9CVSS5.6AI score0.02667EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/02/05 12:0 a.m.2 views

Amazon Linux 2023 : unzip (ALAS2023-2026-1422)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1422 advisory. Info-ZIP UnZip 6.0 mishandles the overlapping of files inside a ZIP container, leading to denial of service resource consumption, aka a better zip bomb issue. CVE-2019-13232 Tenable has extracted the...

3.3CVSS5.4AI score0.00495EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/02/05 12:0 a.m.22 views

Amazon Linux 2023 : openssl, openssl-devel, openssl-fips-provider-latest (ALAS2023-2026-1406)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1406 advisory. A flaw was found in OpenSSL. A remote attacker can exploit a stack buffer overflow vulnerability by supplying a crafted Cryptographic Message Syntax CMS message with an oversized Initialization Vector ...

9.8CVSS7.4AI score0.47621EPSS
Exploits7References4
Tenable Nessus
Tenable Nessus
added 2026/02/05 12:0 a.m.5 views

Amazon Linux 2 : libxml2, --advisory ALAS2-2026-3144 (ALAS-2026-3144)

The version of libxml2 installed on the remote host is prior to 2.9.1-6. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3144 advisory. A flaw was found in libxml2, an XML parsing library. This uncontrolled recursion vulnerability occurs in the...

5.9CVSS5.6AI score0.00755EPSS
Exploits2References6
Tenable Nessus
Tenable Nessus
added 2026/02/05 12:0 a.m.4 views

Amazon Linux 2 : ImageMagick, --advisory ALAS2-2026-3132 (ALAS-2026-3132)

The version of ImageMagick installed on the remote host is prior to 6.9.10.97-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3132 advisory. ImageMagick is free and open-source software used for editing and manipulating digital images. Versions prior to...

9.8CVSS6AI score0.00609EPSS
Exploits3References8
Tenable Nessus
Tenable Nessus
added 2026/02/05 12:0 a.m.5 views

Amazon Linux 2023 : java-17-amazon-corretto, java-17-amazon-corretto-devel, java-17-amazon-corretto-headless (ALAS2023-2026-1385)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1385 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: RMI. Supported versions that are affected are Oracle Java SE...

7.5CVSS5.7AI score0.00864EPSS
Exploits1References10
Tenable Nessus
Tenable Nessus
added 2026/02/05 12:0 a.m.4 views

Amazon Linux 2 : python-urllib3, --advisory ALAS2-2026-3149 (ALAS-2026-3149)

The version of python-urllib3 installed on the remote host is prior to 1.25.9-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3149 advisory. urllib3 is an HTTP client library for Python. urllib3's streaming API is designed for the efficient handling of large HTTP...

8.9CVSS5.6AI score0.02667EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/02/05 12:0 a.m.6 views

Amazon Linux 2 : python-pyasn1, --advisory ALAS2-2026-3148 (ALAS-2026-3148)

It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3148 advisory. pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.2, a Denial-of-Service issue has been found that leads to memory exhaustion from malformed RELATIVE-OID with excessive continuation octets. This...

7.5CVSS5.3AI score0.00679EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/02/05 12:0 a.m.3 views

Amazon Linux 2023 : python3.11-pip, python3.11-pip-wheel (ALAS2023-2026-1408)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1408 advisory. urllib3 is an HTTP client library for Python. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire...

8.9CVSS5.5AI score0.02667EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/02/05 12:0 a.m.5 views

Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.15-2026-097 (ALASKERNEL-5.15-2026-097)

The version of kernel installed on the remote host is prior to 5.15.197-138.223. It is, therefore, affected by a vulnerability as referenced in the ALAS2KERNEL-5.15-2026-097 advisory. In the Linux kernel, the following vulnerability has been resolved: tcpmetrics: use dstdevnetrcu CVE-2025-40075...

5.3AI score0.00181EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/02/05 12:0 a.m.3 views

Amazon Linux 2023 : libxml2, libxml2-devel, libxml2-static (ALAS2023-2026-1397)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1397 advisory. A flaw was identified in the RelaxNG parser of libxml2 related to how external schema inclusions are handled. The parser does not enforce a limit on inclusion depth when resolving nested directives...

3.7CVSS5.5AI score0.00419EPSS
Exploits1References4
Amazon
Amazon
added 2026/01/23 12:0 a.m.11 views

Important: sox

Issue Overview: SoX 14.4.2 contains a division by zero vulnerability when handling WAV files that can cause program crashes. Attackers can trigger a floating point exception by providing a specially crafted WAV file that causes arithmetic errors during sound file processing. CVE-2022-50798 Affect...

5.6AI score0.00039EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2026/01/23 12:0 a.m.6 views

Amazon Linux 2023 : openexr, openexr-devel, openexr-libs (ALAS2023-2026-1364)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1364 advisory. Academy Software Foundation OpenEXR EXR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on...

7.8CVSS6.3AI score0.00158EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/01/23 12:0 a.m.3 views

Amazon Linux 2023 : python3.11-pip, python3.11-pip-wheel (ALAS2023-2026-1368)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1368 advisory. urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.24 and prior to 2.6.0, the number of links in the decompression chain was unbounded allowing a malicious server...

8.9CVSS5.9AI score0.00633EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/01/23 12:0 a.m.5 views

Amazon Linux 2023 : python3.12-pip, python3.12-pip-wheel (ALAS2023-2026-1367)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1367 advisory. urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.24 and prior to 2.6.0, the number of links in the decompression chain was unbounded allowing a malicious server...

8.9CVSS5.9AI score0.00633EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/01/23 12:0 a.m.7 views

Amazon Linux 2023 : python3-pip, python3-pip-wheel (ALAS2023-2026-1366)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1366 advisory. urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.24 and prior to 2.6.0, the number of links in the decompression chain was unbounded allowing a malicious server...

8.9CVSS5.9AI score0.00633EPSS
Exploits0References6
Amazon
Amazon
added 2026/01/23 12:0 a.m.8 views

Medium: python-pip

Issue Overview: urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.24 and prior to 2.6.0, the number of links in the decompression chain was unbounded allowing a malicious server to insert a virtually unlimited number of compression steps leading to high CPU usage an...

8.9CVSS7.3AI score0.00633EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/01/23 12:0 a.m.3 views

Amazon Linux 2023 : composer (ALAS2023-2026-1365)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1365 advisory. Composer is a dependency manager for PHP. In versions on the 2.x branch prior to 2.2.26 and 2.9.3, attackers controlling remote sources that Composer downloads from might in some way inject ANSI contro...

5.3CVSS6AI score0.00405EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/01/23 12:0 a.m.12 views

Amazon Linux 2023 : net-snmp, net-snmp-agent-libs, net-snmp-devel (ALAS2023-2026-1362)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1362 advisory. net-snmp is a SNMP application library, tools and daemon. Prior to versions 5.9.5 and 5.10.pre2, a specially crafted packet to an net-snmp snmptrapd daemon can cause a buffer overflow and the daemon to...

9.8CVSS5.9AI score0.4269EPSS
Exploits2References4
Rows per page
Query Builder