Lucene search
K

215 matches found

Amazon
Amazon
added 2026/07/08 12:0 a.m.5 views

Medium: containerd

Issue Overview: x509.Certificate.VerifyHostname previously called matchHostnames in a loop over all DNS Subject Alternative Name SAN entries. This caused strings.Splithost, "." to execute repeatedly on the same input hostname. With a large DNS SAN list, verification costs scaled quadratically bas...

7.5CVSS6.9AI score0.00939EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/30 12:0 a.m.29 views

Amazon Linux 2 : containerd, --advisory ALAS2NITRO-ENCLAVES-2026-113 (ALASNITRO-ENCLAVES-2026-113)

The version of containerd installed on the remote host is prior to 2.1.7-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2NITRO-ENCLAVES-2026-113 advisory. Memory exhaustion DoS causing OOM kill of containerd process NOTE:...

9.9CVSS6.3AI score0.00412EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.6 views

Amazon Linux 2 : containerd, --advisory ALAS2NITRO-ENCLAVES-2026-111 (ALASNITRO-ENCLAVES-2026-111)

The version of containerd installed on the remote host is prior to 2.1.7-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2NITRO-ENCLAVES-2026-111 advisory. Parsing arbitrary HTML can consume excessive CPU time, possibly leading to denial of service. CVE-2026-256...

9.6CVSS7AI score0.00478EPSS
Exploits0References14
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Intel Microcode

Unauthorized error injection in IntelR SGX or IntelR TDX for certain IntelR XeonR processors may allow a privileged user to potentially enable privilege escalation through local access...

7.2CVSS6.7AI score0.00312EPSS
Exploits0References2
Amazon
Amazon
added 2026/06/12 12:0 a.m.15 views

Important: docker

Issue Overview: Parsing arbitrary HTML can consume excessive CPU time, possibly leading to denial of service. CVE-2026-25680 Parsing arbitrary HTML which is then rendered using Render can result in an unexpected HTML tree. This can be leveraged to execute XSS attacks in applications that attempt ...

9.6CVSS5.8AI score0.00478EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/06/12 12:0 a.m.19 views

Amazon Linux 2 : docker, --advisory ALAS2NITRO-ENCLAVES-2026-110 (ALASNITRO-ENCLAVES-2026-110)

The version of docker installed on the remote host is prior to 25.0.16-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2NITRO-ENCLAVES-2026-110 advisory. Parsing arbitrary HTML can consume excessive CPU time, possibly leading to denial of service. CVE-2026-25680...

9.6CVSS6.7AI score0.00478EPSS
Exploits0References14
Tenable Nessus
Tenable Nessus
added 2026/06/08 12:0 a.m.18 views

Amazon Linux 2 : docker, --advisory ALAS2NITRO-ENCLAVES-2026-108 (ALASNITRO-ENCLAVES-2026-108)

The version of docker installed on the remote host is prior to 25.0.16-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2NITRO-ENCLAVES-2026-108 advisory. The RSA and DSA public key parsers did not enforce size limits on key parameters. A crafted public key with ...

10CVSS6.9AI score0.03153EPSS
Exploits2References16
Fedora
Fedora
added 2026/05/27 1:27 a.m.12 views

[SECURITY] Fedora 43 Update: rust-eif_build-0.2.1-7.fc43

This CLI tool provides a low level path to assemble an enclave image format EIF file used in AWS Nitro Enclaves...

9.8CVSS5.8AI score0.00412EPSS
Exploits0
Fedora
Fedora
added 2026/05/27 12:53 a.m.13 views

[SECURITY] Fedora 44 Update: rust-eif_build-0.2.1-7.fc44

This CLI tool provides a low level path to assemble an enclave image format EIF file used in AWS Nitro Enclaves...

9.8CVSS5.8AI score0.00412EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/05/27 12:0 a.m.20 views

Amazon Linux 2 : runc, --advisory ALAS2NITRO-ENCLAVES-2026-103 (ALASNITRO-ENCLAVES-2026-103)

The version of runc installed on the remote host is prior to 1.3.4-5. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2NITRO-ENCLAVES-2026-103 advisory. When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memo...

7.5CVSS7.5AI score0.00813EPSS
Exploits0References16
Tenable Nessus
Tenable Nessus
added 2026/05/27 12:0 a.m.25 views

Amazon Linux 2 : docker, --advisory ALAS2NITRO-ENCLAVES-2026-104 (ALASNITRO-ENCLAVES-2026-104)

The version of docker installed on the remote host is prior to 25.0.14-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2NITRO-ENCLAVES-2026-104 advisory. When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C...

7.5CVSS6AI score0.00813EPSS
Exploits0References16
Tenable Nessus
Tenable Nessus
added 2026/05/14 12:0 a.m.17 views

Amazon Linux 2 : amazon-ecr-credential-helper, --advisory ALAS2NITRO-ENCLAVES-2026-099 (ALASNITRO-ENCLAVES-2026-099)

The version of amazon-ecr-credential-helper installed on the remote host is prior to 0.12.0-2. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2NITRO-ENCLAVES-2026-099 advisory. Arithmetic over induction variables in loops were not correctly checked for underflow o...

9.8CVSS6AI score0.00621EPSS
Exploits0References18
Tenable Nessus
Tenable Nessus
added 2026/04/30 12:0 a.m.20 views

Amazon Linux 2 : docker, --advisory ALAS2NITRO-ENCLAVES-2026-097 (ALASNITRO-ENCLAVES-2026-097)

The version of docker installed on the remote host is prior to 25.0.14-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2NITRO-ENCLAVES-2026-097 advisory. Arithmetic over induction variables in loops were not correctly checked for underflow or overflow in the Go...

9.8CVSS8AI score0.08123EPSS
Exploits1References20
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.6 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-011378)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011378 advisory. In the Linux kernel, the following vulnerability has been resolved: x86/apic: Don't disable x2APIC if locked The APIC supports two modes, legacy APIC or xAPIC, and...

5.6AI score0.00203EPSS
Exploits0References4
Amazon
Amazon
added 2026/04/14 12:0 a.m.6 views

Medium: amazon-ecr-credential-helper

Issue Overview: url.Parse insufficiently validated the host/authority component and accepted some invalid URLs. CVE-2026-25679 On Unix platforms, when listing the contents of a directory using File.ReadDir or File.Readdir the returned FileInfo could reference a file outside of the Root in which t...

7.5CVSS5.9AI score0.00728EPSS
Exploits0
Amazon
Amazon
added 2026/04/14 12:0 a.m.15 views

Medium: oci-add-hooks

Issue Overview: url.Parse insufficiently validated the host/authority component and accepted some invalid URLs. CVE-2026-25679 On Unix platforms, when listing the contents of a directory using File.ReadDir or File.Readdir the returned FileInfo could reference a file outside of the Root in which t...

7.5CVSS5.9AI score0.00728EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/04/14 12:0 a.m.8 views

Amazon Linux 2 : runc, --advisory ALAS2NITRO-ENCLAVES-2026-093 (ALASNITRO-ENCLAVES-2026-093)

The version of runc installed on the remote host is prior to 1.3.4-3. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2NITRO-ENCLAVES-2026-093 advisory. url.Parse insufficiently validated the host/authority component and accepted some invalid URLs. CVE-2026-25679 O...

7.5CVSS7.4AI score0.00728EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/04/14 12:0 a.m.4 views

Amazon Linux 2 : oci-add-hooks, --advisory ALAS2NITRO-ENCLAVES-2026-096 (ALASNITRO-ENCLAVES-2026-096)

The version of oci-add-hooks installed on the remote host is prior to 0-0.8.20200504git325a340. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2NITRO-ENCLAVES-2026-096 advisory. url.Parse insufficiently validated the host/authority component and accepted some...

7.5CVSS7.4AI score0.00728EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/04/14 12:0 a.m.8 views

Amazon Linux 2 : amazon-ecr-credential-helper, --advisory ALAS2NITRO-ENCLAVES-2026-095 (ALASNITRO-ENCLAVES-2026-095)

The version of amazon-ecr-credential-helper installed on the remote host is prior to 0.12.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2NITRO-ENCLAVES-2026-095 advisory. url.Parse insufficiently validated the host/authority component and accepted some inval...

7.5CVSS7.4AI score0.00728EPSS
Exploits0References8
Amazon
Amazon
added 2026/02/19 12:0 a.m.9 views

Important: runc

Issue Overview: cmd/go: bypass of flag sanitization can lead to arbitrary code execution CVE-2025-61731 cmd/go: unexpected code execution when invoking toolchain CVE-2025-68119 Affected Packages: runc Note: This advisory is applicable to Amazon Linux 2 - Nitro-enclaves Extra. Visit this page to...

7.8CVSS6.4AI score0.00532EPSS
Exploits0
Rows per page
Query Builder