1794 matches found
Amazon Linux AMI : kernel (ALAS-2024-1945)
The version of kernel installed on the remote host is prior to 4.14.349-188.564. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2024-1945 advisory. In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix use-after-free of timer for log...
Amazon Linux 2 : docker (ALASNITRO-ENCLAVES-2024-041)
The version of docker installed on the remote host is prior to 25.0.6-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2NITRO-ENCLAVES-2024-041 advisory. 2025-01-04: CVE-2024-36620 was added to this advisory. 2025-01-04: CVE-2024-36623 was added to this advisory...
Amazon Linux AMI : httpd24 (ALAS-2024-1944)
The version of httpd24 installed on the remote host is prior to 2.4.61-1.103. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2024-1944 advisory. Substitution encoding issue in modrewrite in Apache HTTP Server 2.4.59 and earlier allows attacker to execute scripts...
CVE-2024-4143
A potential security vulnerability has been identified in certain HP PC products using AMI BIOS, which might allow arbitrary code execution. AMI has released firmware updates to mitigate this vulnerability...
CVE-2024-4143 Certain HP PC products using AMI BIOS – Buffer Overflow
A potential security vulnerability has been identified in certain HP PC products using AMI BIOS, which might allow arbitrary code execution. AMI has released firmware updates to mitigate this vulnerability...
CVE-2024-4143
CVE-2024-4143 concerns HP PC products using AMI BIOS with a Buffer Overflow vulnerability. Red Hat/HP/NVD and CVE records describe a potential arbitrary code execution due to improper input handling in AMI BIOS. Red Hat and CVE records reiterate that AMI has released firmware updates to mitigate ...
CVE-2024-4143 Certain HP PC products using AMI BIOS – Buffer Overflow
A potential security vulnerability has been identified in certain HP PC products using AMI BIOS, which might allow arbitrary code execution. AMI has released firmware updates to mitigate this vulnerability...
Certain HP PC products using AMI BIOS – Buffer Overflow
A potential security vulnerability has been identified in certain HP PC products using AMI BIOS, which might allow arbitrary code execution. AMI has released firmware updates to mitigate this vulnerability. AMI has released updates to mitigate the potential vulnerability. HP has identified affect...
HPESBCR04667 rev.1 - HPE Cray Servers Using AMI MegaRac SPX Software (AMI-SA-2023010), Multiple Vulnerabilities
Potential Security Impact: Local: memory corruption, Buffer Overflow, Null pointer dereference SUPPORTED SOFTWARE VERSIONS: ONLY impacted versions are listed. HPE Cray XD665 - prior to BMC 1.14 in HPE Cray SC XD665 Firmware Pack 2024.01.00 HPE Cray XD670 - prior to BMC 1.14 in BMC Firmware for HP...
Amazon Linux AMI : kernel (ALAS-2024-1943)
The version of kernel installed on the remote host is prior to 4.14.348-187.565. It is, therefore, affected by a vulnerability as referenced in the ALAS-2024-1943 advisory. In the Linux kernel, the following vulnerability has been resolved: x86/kvm: Disable kvmclock on all CPUs on shutdown...
Certain HP PC BIOS Logo Vulnerabilities
Potential security vulnerabilities, known as LogoFAIL, have been reported in the AMI BIOS and the Insyde BIOS used in certain HP PC products, which might allow escalation of privilege, arbitrary code execution, denial of service, information disclosure, and/or data tampering. AMI and Insyde are...
Amazon Linux AMI : tomcat8 (ALAS-2024-1941)
The version of tomcat8 installed on the remote host is prior to 8.5.99-1.97. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2024-1941 advisory. Denial of Service via incomplete cleanup vulnerability in Apache Tomcat. It was possible for WebSocket clients to keep...
Amazon Linux AMI : kernel (ALAS-2024-1942)
The version of kernel installed on the remote host is prior to 4.14.348-187.562. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2024-1942 advisory. 2024-07-31: CVE-2024-27020 was added to this advisory. 2024-07-31: CVE-2024-26976 was added to this advisory...
Amazon Linux AMI : R (ALAS-2024-1940)
The version of R installed on the remote host is prior to 3.4.1-1.53. It is, therefore, affected by a vulnerability as referenced in the ALAS-2024-1940 advisory. Deserialization of untrusted data can occur in the R statistical programming language, on any version starting at 1.4.0 up to and not...
Amazon Linux AMI : nghttp2 (ALAS-2024-1935)
The version of nghttp2 installed on the remote host is prior to 1.33.0-1.1.9. It is, therefore, affected by a vulnerability as referenced in the ALAS-2024-1935 advisory. nghttp2 is an implementation of the Hypertext Transfer Protocol version 2 in C. The nghttp2 library prior to version 1.61.0 kee...
Amazon Linux AMI : unbound (ALAS-2024-1934)
The version of unbound installed on the remote host is prior to 1.6.6-1.6. It is, therefore, affected by a vulnerability as referenced in the ALAS-2024-1934 advisory. An issue was discovered in some DNS recursive resolvers that allows remote attackers to cause a denial of service using a...
Amazon Linux AMI : kernel (ALAS-2024-1937)
The version of kernel installed on the remote host is prior to 4.14.343-183.564. It is, therefore, affected by a vulnerability as referenced in the ALAS-2024-1937 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: exthdr: fix 4-byte stack OOB write ...
Amazon Linux AMI : golang (ALAS-2024-1938)
The version of golang installed on the remote host is prior to 1.13.4-1.57. It is, therefore, affected by a vulnerability as referenced in the ALAS-2024-1938 advisory. Go before 1.12.11 and 1.3.x before 1.13.2 can panic upon an attempt to process network traffic containing an invalid DSA public...
Amazon Linux AMI : python38 (ALAS-2024-1936)
The version of python38 installed on the remote host is prior to 3.8.5-1.11. It is, therefore, affected by a vulnerability as referenced in the ALAS-2024-1936 advisory. An issue was found in the CPython tempfile.TemporaryDirectory class affecting versions 3.12.2, 3.11.8, 3.10.13, 3.9.18, and 3.8....
Amazon Linux AMI : squid (ALAS-2024-1933)
The version of squid installed on the remote host is prior to 3.5.20-17.55. It is, therefore, affected by a vulnerability as referenced in the ALAS-2024-1933 advisory. Due to chunked decoder lenience Squid is vulnerable to Request/Response smuggling attacks when parsing HTTP/1.1 and ICAP messages...