Lucene search
K

3307 matches found

Amazon
Amazon
added 2026/02/19 12:0 a.m.8 views

Medium: soci-snapshotter

Issue Overview: net/http: memory exhaustion in Request.ParseForm CVE-2025-61726 archive/zip: denial of service when parsing arbitrary ZIP archives CVE-2025-61728 crypto/tls: handshake messages may be processed at the incorrect encryption level CVE-2025-61730 crypto/tls: Config.Clone copies...

10CVSS5.7AI score0.01945EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2026/02/19 12:0 a.m.5 views

Amazon Linux 2 : amazon-ecr-credential-helper, --advisory ALAS2NITRO-ENCLAVES-2026-087 (ALASNITRO-ENCLAVES-2026-087)

The version of amazon-ecr-credential-helper installed on the remote host is prior to 0.11.0-3. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2NITRO-ENCLAVES-2026-087 advisory. net/http: memory exhaustion in Request.ParseForm CVE-2025-61726 archive/zip: denial of...

10CVSS7.2AI score0.01945EPSS
Exploits2References10
Tenable Nessus
Tenable Nessus
added 2026/02/19 12:0 a.m.7 views

Amazon Linux 2 : thunderbird, --advisory ALAS2-2026-3167 (ALAS-2026-3167)

The version of thunderbird installed on the remote host is prior to 140.7.1-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3167 advisory. Spoofing issue in the Downloads Panel component. This vulnerability affects Firefox 146. CVE-2025-14327 CSS-based...

9.8CVSS9.3AI score0.0057EPSS
Exploits0References30
Tenable Nessus
Tenable Nessus
added 2026/02/19 12:0 a.m.10 views

Amazon Linux 2 : expat, --advisory ALAS2-2026-3170 (ALAS-2026-3170)

The version of expat installed on the remote host is prior to 2.1.0-15. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3170 advisory. In libexpat before 2.7.4, the doContent function does not properly determine the buffer size bufSize because there is no integer...

7.8CVSS7AI score0.00193EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/02/19 12:0 a.m.6 views

Amazon Linux 2 : golang, --advisory ALAS2-2026-3172 (ALAS-2026-3172)

The version of golang installed on the remote host is prior to 1.24.13-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3172 advisory. A discrepancy between how Go and C/C++ comments were parsed allowed for code smuggling into the resulting cgo binary. CVE-2025-617...

8.6CVSS7.2AI score0.00472EPSS
Exploits0References4
Amazon
Amazon
added 2026/02/05 12:0 a.m.9 views

Low: libxml2

Issue Overview: A flaw was identified in the RelaxNG parser of libxml2 related to how external schema inclusions are handled. The parser does not enforce a limit on inclusion depth when resolving nested directives. Specially crafted or overly complex schemas can cause excessive recursion during...

3.7CVSS5.5AI score0.00419EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2026/02/05 12:0 a.m.5 views

Amazon Linux 2 : python3-urllib3, --advisory ALAS2-2026-3131 (ALAS-2026-3131)

The version of python3-urllib3 installed on the remote host is prior to 1.25.6-2. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3131 advisory. urllib3 is an HTTP client library for Python. urllib3's streaming API is designed for the efficient handling of large HTTP...

8.9CVSS5.6AI score0.02667EPSS
Exploits0References4
Amazon
Amazon
added 2026/02/05 12:0 a.m.8 views

Medium: rsync

Issue Overview: A malicious client acting as the receiver of an rsync file transfer can trigger an out of bounds read of a heap based buffer, via a negative array index. The malicious rsync client requires at least read access to the remote rsync module in order to trigger the issue. CVE-2025-101...

4.3CVSS5.5AI score0.00283EPSS
Exploits0
Amazon
Amazon
added 2026/02/05 12:0 a.m.7 views

Important: golang

Issue Overview: net/http: memory exhaustion in Request.ParseForm CVE-2025-61726 archive/zip: denial of service when parsing arbitrary ZIP archives CVE-2025-61728 crypto/tls: handshake messages may be processed at the incorrect encryption level CVE-2025-61730 cmd/go: bypass of flag sanitization ca...

10CVSS6.3AI score0.01945EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2026/02/05 12:0 a.m.9 views

Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.10-2026-111 (ALASKERNEL-5.10-2026-111)

The version of kernel installed on the remote host is prior to 5.10.247-246.992. It is, therefore, affected by a vulnerability as referenced in the ALAS2KERNEL-5.10-2026-111 advisory. In the Linux kernel, the following vulnerability has been resolved: tcpmetrics: use dstdevnetrcu CVE-2025-40075...

5.3AI score0.00181EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/02/05 12:0 a.m.5 views

Amazon Linux 2 : aws-nitro-enclaves-cli, --advisory ALAS2NITRO-ENCLAVES-2026-086 (ALASNITRO-ENCLAVES-2026-086)

The version of aws-nitro-enclaves-cli installed on the remote host is prior to 1.4.4-0. It is, therefore, affected by a vulnerability as referenced in the ALAS2NITRO-ENCLAVES-2026-086 advisory. openssl: rust-openssl Use-After-Free in Md::fetch and Cipher::fetch CVE-2025-3416 Tenable has extracted...

3.7CVSS5.5AI score0.00452EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/02/05 12:0 a.m.3 views

Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.4-2026-117 (ALASKERNEL-5.4-2026-117)

The version of kernel installed on the remote host is prior to 5.4.302-222.455. It is, therefore, affected by a vulnerability as referenced in the ALAS2KERNEL-5.4-2026-117 advisory. In the Linux kernel, the following vulnerability has been resolved: tcpmetrics: use dstdevnetrcu CVE-2025-40075...

5.3AI score0.00181EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/02/05 12:0 a.m.6 views

Amazon Linux 2 : python-pyasn1, --advisory ALAS2-2026-3148 (ALAS-2026-3148)

It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3148 advisory. pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.2, a Denial-of-Service issue has been found that leads to memory exhaustion from malformed RELATIVE-OID with excessive continuation octets. This...

7.5CVSS5.3AI score0.00679EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/02/05 12:0 a.m.5 views

Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.15-2026-097 (ALASKERNEL-5.15-2026-097)

The version of kernel installed on the remote host is prior to 5.15.197-138.223. It is, therefore, affected by a vulnerability as referenced in the ALAS2KERNEL-5.15-2026-097 advisory. In the Linux kernel, the following vulnerability has been resolved: tcpmetrics: use dstdevnetrcu CVE-2025-40075...

5.3AI score0.00181EPSS
Exploits0References4
Amazon
Amazon
added 2026/01/22 12:0 a.m.7 views

Medium: php

Issue Overview: NOTE: https://github.com/php/php-src/security/advisories/GHSA-3237-qqm7-mfv7 NOTE: https://github.com/php/php-src/commit/c5f28c7cf0a052f48e47877c7aa5c5bcc54f1cfc DEBIANBUG: 1123574 CVE-2025-14177 NOTE: https://github.com/php/php-src/security/advisories/GHSA-h96m-rvf9-jgm2 NOTE:...

8.2CVSS5.6AI score0.00573EPSS
Exploits4
Amazon
Amazon
added 2026/01/22 12:0 a.m.9 views

Important: docker

Issue Overview: SSH Agent servers do not validate the size of messages when processing new identity requests, which may cause the program to panic if the message is malformed due to an out of bounds read. CVE-2025-47914 SSH servers parsing GSSAPI authentication requests do not validate the number...

7.5CVSS6.8AI score0.00585EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.4 views

Amazon Linux 2 : docker, --advisory ALAS2NITRO-ENCLAVES-2026-085 (ALASNITRO-ENCLAVES-2026-085)

The version of docker installed on the remote host is prior to 25.0.14-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2NITRO-ENCLAVES-2026-085 advisory. SSH Agent servers do not validate the size of messages when processing new identity requests, which may caus...

7.5CVSS6.8AI score0.00585EPSS
Exploits3References10
Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.8 views

Amazon Linux 2 : php, --advisory ALAS2PHP8.2-2026-009 (ALASPHP8.2-2026-009)

The version of php installed on the remote host is prior to 8.2.30-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2PHP8.2-2026-009 advisory. NOTE: https://github.com/php/php-src/security/advisories/GHSA-3237-qqm7-mfv7NOTE:...

8.2CVSS5.6AI score0.00573EPSS
Exploits4References8
Amazon
Amazon
added 2026/01/21 12:0 a.m.9 views

Important: sox

Issue Overview: SoX 14.4.2 contains a division by zero vulnerability when handling WAV files that can cause program crashes. Attackers can trigger a floating point exception by providing a specially crafted WAV file that causes arithmetic errors during sound file processing. CVE-2022-50798 Affect...

5.6AI score0.00039EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2026/01/21 12:0 a.m.5 views

Amazon Linux 2 : python, --advisory ALAS2-2026-3128 (ALAS-2026-3128)

The version of python installed on the remote host is prior to 2.7.18-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3128 advisory. When building nested elements using xml.dom.minidom methods such as appendChild that have a dependency on clearidcache the algorith...

6.3CVSS5.7AI score0.00708EPSS
Exploits0References4
Rows per page
Query Builder