Lucene search
K

807 matches found

Amazon
Amazon
added 2025/10/27 12:0 a.m.7 views

Low: docker

Issue Overview: Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime, and various other downstream projects/products. A firewalld vulnerability affects Moby releases before 28.0.0. When firewalld reloads, Docker fails...

5.2CVSS7AI score0.00152EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/10/15 12:0 a.m.4 views

Amazon Linux 2 : openssl, --advisory ALAS2-2025-3034 (ALAS-2025-3034)

The version of openssl installed on the remote host is prior to 1.0.2k-24. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-3034 advisory. Issue summary: An application trying to decrypt CMS messages encrypted usingpassword based encryption can trigger an out-of-bound...

7.5CVSS6.5AI score0.01744EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/10/15 12:0 a.m.9 views

Amazon Linux 2 : cups, --advisory ALAS2-2025-3028 (ALAS-2025-3028)

The version of cups installed on the remote host is prior to 1.6.3-51. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-3028 advisory. A flaw was found in CUPS, a widely used printing service on Linux and UNIX-like systems. The issue arises when authentication is...

8CVSS7.8AI score0.00964EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2025/10/15 12:0 a.m.6 views

Amazon Linux 2 : sox, --advisory ALAS2-2025-3032 (ALAS-2025-3032)

The version of sox installed on the remote host is prior to 14.4.1-7. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-3032 advisory. A floating point exception divide-by-zero issue was discovered in SoX in functon startread of wav.c file. An attacker with a crafted w...

5.5CVSS7.2AI score0.00457EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2025/10/15 12:0 a.m.6 views

Amazon Linux 2 : gimp, --advisory ALAS2GIMP-2025-008 (ALASGIMP-2025-008)

The version of gimp installed on the remote host is prior to 2.8.22-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2GIMP-2025-008 advisory. ZDI-CAN-27863: GIMP DCM File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability CVE-2025-10922 Tenable has...

7.8CVSS7.5AI score0.00644EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/10/15 12:0 a.m.8 views

Amazon Linux 2 : openssl11, --advisory ALAS2-2025-3033 (ALAS-2025-3033)

The version of openssl11 installed on the remote host is prior to 1.1.1zd-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-3033 advisory. Issue summary: An application trying to decrypt CMS messages encrypted usingpassword based encryption can trigger an...

7.5CVSS6.5AI score0.01744EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/10/15 12:0 a.m.9 views

Amazon Linux 2 : libtiff, --advisory ALAS2-2025-3020 (ALAS-2025-3020)

The version of libtiff installed on the remote host is prior to 4.0.3-35. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-3020 advisory. Write-What-Where in libtiff via TIFFReadRGBAImageOriented CVE-2025-9900 Tenable has extracted the preceding description block...

8.8CVSS6AI score0.00739EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/10/15 12:0 a.m.4 views

Amazon Linux 2 : qemu, --advisory ALAS2-2025-3031 (ALAS-2025-3031)

The version of qemu installed on the remote host is prior to 3.1.0-8. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-3031 advisory. A flaw was found in QEMU. An assertion failure was present in the usbepget function in hw/net/core.c when trying to get the USB endpoi...

5.5CVSS6.2AI score0.00286EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/10/15 12:0 a.m.11 views

Amazon Linux 2 : redis, --advisory ALAS2REDIS6-2025-015 (ALASREDIS6-2025-015)

The version of redis installed on the remote host is prior to 6.2.20-2. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2REDIS6-2025-015 advisory. Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated use...

9.9CVSS8.7AI score0.86767EPSS
Exploits15References10
Tenable Nessus
Tenable Nessus
added 2025/10/15 12:0 a.m.5 views

Amazon Linux 2 : amazon-cloudwatch-agent, --advisory ALAS2-2025-3037 (ALAS-2025-3037)

The version of amazon-cloudwatch-agent installed on the remote host is prior to 1.300059.1-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-3037 advisory. go-viper's mapstructure May Leak Sensitive Information in Logs When Processing Malformed Data CVE-2025-11065...

5.3CVSS5.5AI score0.00357EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/10/15 12:0 a.m.4 views

Amazon Linux 2 : docker, --advisory ALAS2NITRO-ENCLAVES-2025-070 (ALASNITRO-ENCLAVES-2025-070)

The version of docker installed on the remote host is prior to 25.0.13-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2NITRO-ENCLAVES-2025-070 advisory. Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis...

5.2CVSS6.8AI score0.00152EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/10/15 12:0 a.m.6 views

Amazon Linux 2 : openssl-snapsafe, --advisory ALAS2OPENSSL-SNAPSAFE-2025-008 (ALASOPENSSL-SNAPSAFE-2025-008)

The version of openssl-snapsafe installed on the remote host is prior to 1.0.2k-24. It is, therefore, affected by a vulnerability as referenced in the ALAS2OPENSSL-SNAPSAFE-2025-008 advisory. Issue summary: An application trying to decrypt CMS messages encrypted usingpassword based encryption can...

7.5CVSS6.7AI score0.01744EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/10/15 12:0 a.m.1 views

Amazon Linux 2 : amazon-ecr-credential-helper, --advisory ALAS2NITRO-ENCLAVES-2025-071 (ALASNITRO-ENCLAVES-2025-071)

The version of amazon-ecr-credential-helper installed on the remote host is prior to 0.10.1-2. It is, therefore, affected by a vulnerability as referenced in the ALAS2NITRO-ENCLAVES-2025-071 advisory. Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potential...

6.8CVSS6.5AI score0.0056EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/10/15 12:0 a.m.6 views

Amazon Linux 2 : amazon-ecr-credential-helper, --advisory ALAS2ECS-2025-075 (ALASECS-2025-075)

The version of amazon-ecr-credential-helper installed on the remote host is prior to 0.10.1-2. It is, therefore, affected by a vulnerability as referenced in the ALAS2ECS-2025-075 advisory. Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially leaking...

6.8CVSS6.5AI score0.0056EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/10/15 12:0 a.m.6 views

Amazon Linux 2 : gegl, --advisory ALAS2-2025-3030 (ALAS-2025-3030)

The version of gegl installed on the remote host is prior to 0.2.0-19. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-3030 advisory. GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability CVE-2025-10921 Tenable has extracted the precedi...

7.8CVSS7.5AI score0.00452EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/10/15 12:0 a.m.4 views

Amazon Linux 2 : polkit, --advisory ALAS2-2025-3024 (ALAS-2025-3024)

The version of polkit installed on the remote host is prior to 0.112-26. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-3024 advisory. A flaw was found in polkit. When processing an XML policy with 32 or more nested elements in depth, an out-of-bounds write can be...

6.7CVSS6.3AI score0.00184EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/10/15 12:0 a.m.7 views

Amazon Linux 2 : postgresql, --advisory ALAS2-2025-3035 (ALAS-2025-3035)

The version of postgresql installed on the remote host is prior to 9.2.24-8. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-3035 advisory. Untrusted data inclusion in pgdump in PostgreSQL allows a malicious superuser of the origin server to inject arbitrary code for...

8.8CVSS7.5AI score0.00709EPSS
Exploits1References4
Amazon
Amazon
added 2025/10/14 12:0 a.m.8 views

Important: ghostscript

Issue Overview: Artifex Ghostscript through 10.05.1 has a stack-based buffer overflow in pdfwritecmap in devices/vector/gdevpdtw.c. CVE-2025-59798 Artifex Ghostscript through 10.05.1 has a stack-based buffer overflow in pdfmarkcoercedest in devices/vector/gdevpdfm.c via a large size value...

5.5CVSS7.5AI score0.00188EPSS
Exploits0
Amazon
Amazon
added 2025/10/14 12:0 a.m.4 views

Medium: openssl

Issue Overview: Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can trigger an out-of-bounds read and write. Impact summary: This out-of-bounds read may trigger a crash which leads to Denial of Service for an application. The out-of-bounds...

7.5CVSS7.3AI score0.01744EPSS
Exploits0
Amazon
Amazon
added 2025/10/14 12:0 a.m.5 views

Medium: polkit

Issue Overview: A flaw was found in polkit. When processing an XML policy with 32 or more nested elements in depth, an out-of-bounds write can be triggered. This issue can lead to a crash or other unexpected behavior, and arbitrary code execution is not discarded. To exploit this flaw, a...

6.7CVSS7.8AI score0.00184EPSS
Exploits0
Rows per page
Query Builder