Lucene search
+L

638 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/05 12:0 a.m.6 views

Amazon Linux 2 : amazon-ecr-credential-helper, --advisory ALAS2NITRO-ENCLAVES-2025-079 (ALASNITRO-ENCLAVES-2025-079)

The version of amazon-ecr-credential-helper installed on the remote host is prior to 0.11.0-2. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2NITRO-ENCLAVES-2025-079 advisory. crypto/x509: excluded subdomain constraint does not restrict wildcard SANs An excluded...

7.5CVSS7.7AI score0.00585EPSS
Exploits3References8
Amazon
Amazon
added 2025/12/08 12:0 a.m.6 views

Medium: containerd

Issue Overview: containerd is an open-source container runtime. Versions 0.1.0 through 1.7.28, 2.0.0-beta.0 through 2.0.6, 2.1.0-beta.0 through 2.1.4 and 2.2.0-beta.0 through 2.2.0-rc.1 have an overly broad default permission vulnerability. Directory paths /var/lib/containerd,...

7.8CVSS5.6AI score0.00162EPSS
Exploits1
EUVD
EUVD
added 2025/12/05 6:57 p.m.4 views

EUVD-2025-201467

nitro-tpm-pcr-compute may allow kernel command line modification by an account operator...

6.5AI score
Exploits0References8
OSV
OSV
added 2025/12/05 6:57 p.m.2 views

GHSA-XRV8-2PF5-F3Q7 nitro-tpm-pcr-compute may allow kernel command line modification by an account operator

Summary Adding default PCR12 validation to ensure that account operators can not modify kernel command line parameters, potentially bypassing root filesystem integrity validation. Attestable AMIs are based on the systemd Unified Kernel Image UKI concept which uses systemd-boot to create a single...

6CVSS6.9AI score
Exploits0References8
Github Security Blog
Github Security Blog
added 2025/12/05 6:57 p.m.12 views

nitro-tpm-pcr-compute may allow kernel command line modification by an account operator

Summary Adding default PCR12 validation to ensure that account operators can not modify kernel command line parameters, potentially bypassing root filesystem integrity validation. Attestable AMIs are based on the systemd Unified Kernel Image UKI concept which uses systemd-boot to create a single...

7AI score
Exploits0References8Affected Software1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/24 11:6 p.m.8 views

Malicious code in nitro-kutu (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2c730e64b459919c937231de7e767a99ceca04f35011b70d3d95c5616092dead The package nitro-kutu was found to contain malicious code. Source: ghsa-malware e49eaa55b0b2cddde2728a2d6cfcc512771af0fa1cf78903a09e11d7b564d972 Any...

6.9AI score
Exploits0References4
EUVD
EUVD
added 2025/11/24 11:6 p.m.5 views

EUVD-2025-199119

Malicious code in nitro-kutu npm...

6.6AI score
Exploits0References4
OSV
OSV
added 2025/11/24 11:6 p.m.5 views

MAL-2025-191132 Malicious code in nitro-kutu (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2c730e64b459919c937231de7e767a99ceca04f35011b70d3d95c5616092dead The package nitro-kutu was found to contain malicious code. Source: ghsa-malware e49eaa55b0b2cddde2728a2d6cfcc512771af0fa1cf78903a09e11d7b564d972 Any...

6.8AI score
Exploits0References4
EUVD
EUVD
added 2025/11/24 11:5 p.m.4 views

EUVD-2025-199120

Malicious code in nitro-graphql npm...

6.6AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/24 11:5 p.m.6 views

Malicious code in nitro-graphql (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 36ef7661deeec20f2ea8ef1c642811be2a627ee5e8b6a3f51cd61de1e421547b The package nitro-graphql was found to contain malicious code. Source: ghsa-malware a77bf7f130d454574e5e838c6ce7922e015408f32542a4b15e77d26698129fe3...

6.9AI score
Exploits0References4
OSV
OSV
added 2025/11/24 11:5 p.m.5 views

MAL-2025-191131 Malicious code in nitro-graphql (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 36ef7661deeec20f2ea8ef1c642811be2a627ee5e8b6a3f51cd61de1e421547b The package nitro-graphql was found to contain malicious code. Source: ghsa-malware a77bf7f130d454574e5e838c6ce7922e015408f32542a4b15e77d26698129fe3...

6.8AI score
Exploits0References4
Snyk
Snyk
added 2025/11/24 8:33 p.m.5 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...

9.8CVSS6.8AI score
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/11/11 12:0 a.m.4 views

Amazon Linux 2 : amazon-ecr-credential-helper, --advisory ALAS2NITRO-ENCLAVES-2025-073 (ALASNITRO-ENCLAVES-2025-073)

The version of amazon-ecr-credential-helper installed on the remote host is prior to 0.10.1-3. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2NITRO-ENCLAVES-2025-073 advisory. net/url: insufficient validation of bracketed IPv6 hostnames The Parse function permitt...

7.5CVSS7.4AI score0.00626EPSS
Exploits0References22
Amazon
Amazon
added 2025/11/10 12:0 a.m.19 views

Important: amazon-ecr-credential-helper

Issue Overview: net/url: insufficient validation of bracketed IPv6 hostnames The Parse function permitted values other than IPv6 addresses to be included in square brackets within the host component of a URL. RFC 3986 permits IPv6 addresses to be included within the host component, enclosed withi...

7.5CVSS8.8AI score0.00626EPSS
Exploits0
Amazon
Amazon
added 2025/10/14 12:0 a.m.7 views

Low: docker

Issue Overview: Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime, and various other downstream projects/products. A firewalld vulnerability affects Moby releases before 28.0.0. When firewalld reloads, Docker fails...

5.2CVSS7AI score0.00152EPSS
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-2680

Malware in sbrugna...

8.1CVSS8AI score0.02425EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2020-27246

Malware in sbrugna...

8.8CVSS8.3AI score0.42268EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2015-2927

Malware in sbrugna...

4.3CVSS6.4AI score0.01987EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2015-2926

Malware in sbrugna...

6.8CVSS6.4AI score0.02859EPSS
Exploits1References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.54 views

EUVD-2021-10082

Malware in sbrugna...

7.5CVSS7.7AI score0.00894EPSS
Exploits0References2
Rows per page
Query Builder