
9341 matches found

Tenable Nessus
added 2020/04/24 12:0 a.m., 43 views

Amazon Linux AMI : runc (ALAS-2020-1358)

The version of runc installed on the remote host is prior to 1.0.0-0.1.20200204.gitdc9208a.1. It is, therefore, affected by a vulnerability as referenced in the ALAS-2020-1358 advisory. runc through 1.0.0-rc9 has Incorrect Access Control leading to Escalation of Privileges, related to...

CVSS: 7, AI score: 7, EPSS: 0.00457
Exploits: 0, References: 3

Tenable Nessus
added 2020/04/24 12:0 a.m., 34 views

Amazon Linux 2 : xerces-c (ALAS-2020-1415)

The version of xerces-c installed on the remote host is prior to 3.1.1-10. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2020-1415 advisory. A use-after-free vulnerability was found in xerces-c in the way an XML document is processed via the SAX API. Applications that...

CVSS: 8.1, AI score: 7.9, EPSS: 0.09503
Exploits: 0, References: 3

Tenable Nessus
added 2020/04/24 12:0 a.m., 50 views

Amazon Linux 2 : thunderbird (ALAS-2020-1414)

The version of thunderbird installed on the remote host is prior to 68.6.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2020-1414 advisory. The Mozilla Foundation Security Advisory describes this flaw as: When removing data about an origin whose tab was...

CVSS: 9.8, AI score: 8, EPSS: 0.03191
Exploits: 2, References: 15

Tenable Nessus
added 2020/04/24 12:0 a.m., 39 views

Amazon Linux AMI : http-parser (ALAS-2020-1359)

The version of http-parser installed on the remote host is prior to 2.9.3-1.2. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2020-1359 advisory. A flaw was found in the Node.js code where a specially crafted HTTPs request sent to a Node.js server failed to...

CVSS: 9.8, AI score: 7.4, EPSS: 0.57132
Exploits: 0, References: 7

Tenable Nessus
added 2020/04/24 12:0 a.m., 29 views

Amazon Linux AMI : libtirpc (ALAS-2020-1362)

The version of libtirpc installed on the remote host is prior to 0.2.4-0.16.15. It is, therefore, affected by a vulnerability as referenced in the ALAS-2020-1362 advisory. A null-pointer dereference vulnerability was found in libtirpc before version 0.3.3-rc3. The return value of makefd_xprt was n...

CVSS: 7.5, AI score: 6.1, EPSS: 0.03861
Exploits: 0, References: 3

Tenable Nessus
added 2020/04/24 12:0 a.m., 32 views

Amazon Linux 2 : libvncserver (ALAS-2020-1411)

The version of libvncserver installed on the remote host is prior to 0.9.9-14. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2020-1411 advisory. Integer Overflow or Wraparound leads to Heap-based Buffer Overflow CVE-2019-15690 Tenable has extracted the preceding...

CVSS: 8.8, AI score: 7.1, EPSS: 0.00713
Exploits: 0, References: 3

Tenable Nessus
added 2020/04/24 12:0 a.m., 33 views

Amazon Linux 2 : python-pillow (ALAS-2020-1412)

The version of python-pillow installed on the remote host is prior to 2.0.0-20.gitd1c6db8. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2020-1412 advisory. A flaw was discovered in the way the python-pillow may allocate a large amount of memory or require a lo...

CVSS: 9.8, AI score: 7.1, EPSS: 0.0369
Exploits: 0, References: 5

Tenable Nessus
added 2020/04/24 12:0 a.m., 25 views

Amazon Linux AMI : icu (ALAS-2020-1361)

The version of icu installed on the remote host is prior to 50.2-4.0. It is, therefore, affected by a vulnerability as referenced in the ALAS-2020-1361 advisory. An issue was discovered in International Components for Unicode ICU for C/C++ through 66.1. An integer overflow, leading to a heap-base...

CVSS: 8.8, AI score: 7.8, EPSS: 0.02669
Exploits: 0, References: 3

Tenable Nessus
added 2020/04/24 12:0 a.m., 271 views

Amazon Linux 2 : python-virtualenv (ALAS-2020-1413)

The version of python-virtualenv installed on the remote host is prior to 15.1.0-4. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2020-1413 advisory. urllib3 before version 1.23 does not remove the Authorization HTTP header when following a cross-origin redirec...

CVSS: 9.8, AI score: 7, EPSS: 0.07443
Exploits: 3, References: 7

Amazon
added 2020/04/22 12:0 a.m., 42 views

Important: python-pillow

Issue Overview: A flaw was discovered in the way the python-pillow may allocate a large amount of memory or require a long time while processing specially crafted image files, possibly causing a denial of service. Applications that use the library to process untrusted files may be vulnerable to...

CVSS: 9.8, AI score: 7.3, EPSS: 0.0369
Exploits: 0

Tenable Nessus
added 2020/04/17 12:0 a.m., 31 views

Amazon Linux AMI : git (ALAS-2020-1357)

The version of git installed on the remote host is prior to 2.14.6-1.62. It is, therefore, affected by a vulnerability as referenced in the ALAS-2020-1357 advisory. With a crafted URL that contains a newline in it, the credential helper machinery can be fooled to give credential information for a...

CVSS: 9.3, AI score: 7.3, EPSS: 0.10047
Exploits: 2, References: 3

Tenable Nessus
added 2020/04/16 12:0 a.m., 320 views

Amazon Linux 2 : java-11-amazon-corretto (ALAS-2020-1410)

The version of java-11-amazon-corretto installed on the remote host is prior to 11.0.7+10-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2020-1410 advisory. Further information about this update can be found in the Corretto 11 change log...

CVSS: 8.3, AI score: 6.6, EPSS: 0.0623
Exploits: 0, References: 27

Tenable Nessus
added 2020/04/16 12:0 a.m., 18 views

Amazon Linux 2 : git (ALAS-2020-1409)

The version of git installed on the remote host is prior to 2.23.1-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2020-1409 advisory. With a crafted URL that contains a newline in it, the credential helper machinery can be fooled to give credential information for a...

CVSS: 9.3, AI score: 7.3, EPSS: 0.10047
Exploits: 2, References: 3

Amazon
added 2020/04/15 12:0 a.m., 157 views

Important: java-11-amazon-corretto

Issue Overview: Further information about this update can be found in the Corretto 11 change log https://github.com/corretto/corretto-11/blob/develop/CHANGELOG.md Affected Packages: java-11-amazon-corretto Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ...

CVSS: 8.3, AI score: 7.2, EPSS: 0.0623
Exploits: 0

Amazon
added 2020/04/15 12:0 a.m., 38 views

Important: git

Issue Overview: With a crafted URL that contains a newline in it, the credential helper machinery can be fooled to give credential information for a wrong host. The attack has been made impossible by forbidding a newline character in any value passed via the credential protocol. CVE-2020-5260...

CVSS: 9.3, AI score: 7.7, EPSS: 0.10047
Exploits: 2

Tenable Nessus
added 2020/03/26 12:0 a.m., 234 views

Amazon Linux 2 : thunderbird (ALAS-2020-1408)

The version of thunderbird installed on the remote host is prior to 68.5.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2020-1408 advisory. When deriving an identifier for an email message, uninitialized memory was used in addition to the message contents...

CVSS: 8.8, AI score: 7.6, EPSS: 0.02274
Exploits: 1, References: 13

Tenable Nessus
added 2020/03/26 12:0 a.m., 50 views

Amazon Linux 2 : qemu (ALAS-2020-1407)

The version of qemu installed on the remote host is prior to 3.1.0-8. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2020-1407 advisory. tcp_emu in tcp_subr.c in libslirp 4.1.0, as used in QEMU 4.2.0, mismanages memory, as demonstrated by IRC DCC commands in EMUIR...

CVSS: 7.7, AI score: 7.9, EPSS: 0.04018
Exploits: 0, References: 5

Tenable Nessus
added 2020/03/26 12:0 a.m., 58 views

Amazon Linux 2 : kernel (ALAS-2020-1405)

The version of kernel installed on the remote host is prior to 4.14.173-137.228. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2020-1405 advisory. 2023-11-29: CVE-2020-27418 was added to this advisory. A stack buffer overflow issue was found in the get_raw_socket...

CVSS: 7.1, AI score: 6.6, EPSS: 0.00962
Exploits: 3, References: 10

Amazon
added 2020/03/23 12:0 a.m., 54 views

Important: kernel

Issue Overview: A stack buffer overflow issue was found in the get_raw_socket routine of the Host kernel accelerator for virtio net vhost-net driver. It could occur while doing an ioctl(VHOST_NET_SET_BACKEND) call, and retrieving socket name in a kernel stack variable via get_raw_socket. A user able to...

CVSS: 7.1, AI score: 6.7, EPSS: 0.00962
Exploits: 3

Amazon
added 2020/03/23 12:0 a.m., 68 views

Important: openssl

Issue Overview: Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in some cases, it is possible to construct a group using explicit parameters instead of using a named curve. In those cases it is possible that such a grou...

CVSS: 4.7, AI score: 6.6, EPSS: 0.03338
Exploits: 0