Lucene search
+L

1244 matches found

nessus
nessus
added 2026/05/15 12:0 a.m.10 views

Amazon Linux 2023 : cuda-toolkit (ALAS2023NVIDIA-2026-278)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023NVIDIA-2026-278 advisory. NVIDIA CUDA Toolkit contains a vulnerability in command cuobjdump where a user may cause an out-of-bound write by passing in a malformed ELF file. A successful exploit of this vulnerability may le...

7.8CVSS7.2AI score0.00234EPSS
Exploits0References4
nessus
nessus
added 2026/05/15 12:0 a.m.10 views

Amazon Linux 2023 : cuda (ALAS2023NVIDIA-2026-279)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023NVIDIA-2026-279 advisory. NVIDIA CUDA Toolkit contains a vulnerability in command cuobjdump where a user may cause an out-of-bound write by passing in a malformed ELF file. A successful exploit of this vulnerability may le...

7.8CVSS5.9AI score0.00234EPSS
Exploits0References4
nessus
nessus
added 2026/05/14 12:0 a.m.11 views

Amazon Linux 2023 : cuda-toolkit (ALAS2023NVIDIA-2025-031)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023NVIDIA-2025-031 advisory. NVIDIA CUDA toolkit for all platforms contains a vulnerability in the cuobjdump binary, where a user could cause an out-of-bounds read by passing a malformed ELF file to cuobjdump. A...

3.3CVSS5.8AI score0.00243EPSS
Exploits0References20
amazon
amazon
added 2026/05/09 12:0 a.m.14 views

Low: PackageKit

Issue Overview: A use-after-free flaw was found in PackageKitd. In some conditions, the order of cleanup mechanics for a transaction could be impacted. As a result, some memory access could occur on memory regions that were previously freed. Once freed, a memory region can be reused for other...

3.3CVSS5.8AI score0.00228EPSS
Exploits0
nessus
nessus
added 2026/05/09 12:0 a.m.13 views

Amazon Linux 2023 : java-25-amazon-corretto, java-25-amazon-corretto-devel, java-25-amazon-corretto-headless (ALAS2023-2026-1686)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1686 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported versions that are affected are Oracle Ja...

7.5CVSS7.2AI score0.00702EPSS
Exploits0References18
amazon
amazon
added 2026/05/09 12:0 a.m.26 views

Important: kernel-livepatch-6.12.79-101.147

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags "Dirty Frag" and other issues in Amazon Linux kernels: https://aws.amazon.com/security/security-bulletins/2026-027-aws/ CVE-2026-43284 Affected Packages:...

7.8CVSS6AI score0.93235EPSS
Exploits31
amazon
amazon
added 2026/05/09 12:0 a.m.22 views

Important: kernel-livepatch-6.12.74-98.124

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags "Dirty Frag" and other issues in Amazon Linux kernels: https://aws.amazon.com/security/security-bulletins/2026-027-aws/ CVE-2026-43284 Affected Packages:...

7.8CVSS6AI score0.93235EPSS
Exploits31
amazon
amazon
added 2026/05/09 12:0 a.m.19 views

Important: kernel-livepatch-6.18.25-52.107

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags "Dirty Frag" and other issues in Amazon Linux kernels: https://aws.amazon.com/security/security-bulletins/2026-027-aws/ CVE-2026-43284 Affected Packages:...

7.8CVSS6AI score0.93235EPSS
Exploits31
amazon
amazon
added 2026/05/09 12:0 a.m.17 views

Important: kernel-livepatch-6.12.83-111.159

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags "Dirty Frag" and other issues in Amazon Linux kernels: https://aws.amazon.com/security/security-bulletins/2026-027-aws/ CVE-2026-43284 Affected Packages:...

7.8CVSS6AI score0.93235EPSS
Exploits31
nessus
nessus
added 2026/05/09 12:0 a.m.8 views

Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2026-1694)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1694 advisory. In the Linux kernel, the following vulnerability has been resolved: net/tls: fix use-after-free in -EBUSY error path of tlsdoencryption CVE-2026-31533 In the Linux kernel, the following...

9.8CVSS7.1AI score0.93235EPSS
Exploits31References34
nessus
nessus
added 2026/05/09 12:0 a.m.14 views

Amazon Linux 2023 : java-17-amazon-corretto, java-17-amazon-corretto-devel, java-17-amazon-corretto-headless (ALAS2023-2026-1684)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1684 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported versions that are affected are Oracle Ja...

7.5CVSS5.8AI score0.00702EPSS
Exploits0References16
amazon
amazon
added 2026/05/09 12:0 a.m.26 views

Important: kernel6.18

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: afunix: Give up GC if MSGPEEK intervened. CVE-2026-23394 In the Linux kernel, the following vulnerability has been resolved: ipv6: add NULL checks for idev in SRv6 paths CVE-2026-23442 In the Linux kernel, the...

9.8CVSS6AI score0.00514EPSS
Exploits0
nessus
nessus
added 2026/05/09 12:0 a.m.21 views

Amazon Linux 2023 : bpftool6.12, kernel6.12, kernel6.12-devel (ALAS2023-2026-1695)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1695 advisory. In the Linux kernel, the following vulnerability has been resolved: btrfs: do not free data reservation in fallback from inline due to -ENOSPC CVE-2025-71269 In the Linux kernel, the following...

9.8CVSS7AI score0.93235EPSS
Exploits32References214
amazon
amazon
added 2026/05/05 12:0 a.m.17 views

Important: kernel-livepatch-6.12.80-105.147

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: crypto: algifaead - Revert to operating out-of-place To mitigate this issue, we recommend that customers disable loading of the algifaead module by running the following commands: echo "install algifaead /bin/fals...

7.8CVSS6AI score0.96267EPSS
Exploits230
amazon
amazon
added 2026/05/05 12:0 a.m.9 views

Medium: ecs-service-connect-agent

Issue Overview: Envoy is a cloud-native high-performance edge/middle/service proxy. A security vulnerability in Envoy allows external clients to manipulate Envoy headers, potentially leading to unauthorized access or other malicious actions within the mesh. This issue arises due to Envoy's defaul...

7.5CVSS7.3AI score0.17301EPSS
Exploits2
nessus
nessus
added 2026/05/05 12:0 a.m.14 views

Amazon Linux 2023 : bpftool6.12, kernel6.12, kernel6.12-devel (ALAS2023-2026-1650)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1650 advisory. In the Linux kernel, the following vulnerability has been resolved:crypto: algifaead - Revert to operating out-of-place To mitigate this issue, we recommend that customers disable loading of t...

7.8CVSS7.3AI score0.96267EPSS
Exploits230References12
nessus
nessus
added 2026/05/05 12:0 a.m.15 views

Amazon Linux 2023 : bpftool6.18, kernel6.18, kernel6.18-devel (ALAS2023-2026-1649)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1649 advisory. In the Linux kernel, the following vulnerability has been resolved:crypto: algifaead - Revert to operating out-of-place To mitigate this issue, we recommend that customers disable loading of t...

7.8CVSS7.4AI score0.96267EPSS
Exploits230References16
amazon
amazon
added 2026/05/05 12:0 a.m.18 views

Important: kernel6.18

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: crypto: algifaead - Revert to operating out-of-place To mitigate this issue, we recommend that customers disable loading of the algifaead module by running the following commands as an administrator user: echo...

7.8CVSS7AI score0.96267EPSS
Exploits230
amazon
amazon
added 2026/04/30 12:0 a.m.4 views

Low: python-pip

Issue Overview: When pip is installing and extracting a maliciously crafted wheel archive, files may be extracted outside the installation directory. The path traversal is limited to prefixes of the installation directory, thus isn't able to inject or overwrite executable files in typical...

2CVSS5.2AI score0.0039EPSS
Exploits1
amazon
amazon
added 2026/04/30 12:0 a.m.9 views

Low: nodejs22

Issue Overview: A flaw was found in zlib. An attacker providing specially crafted input to the crc32combine64 or crc32combinegen64 functions could trigger an infinite loop within the x2nmodp function. This leads to excessive CPU consumption, which can result in a Denial of Service DoS for the...

5.5CVSS5.2AI score0.00204EPSS
Exploits1
Rows per page
Query Builder