
8850 matches found

Amazon
added 2 days ago, 5 views

Medium: ecs-init

Issue Overview: No CVE associated with this advisory Affected Packages: ecs-init Note: This advisory is applicable to Amazon Linux 2 - Ecs Extra. Visit this page to learn more about Amazon Linux 2 AL2 Extras and this FAQ section for the difference between AL2 Core and AL2 Extras advisories. Issue...

5.8 AI score
Exploits: 0
Amazon
added 2 days ago, 5 views

Medium: ecs-init

Issue Overview: No CVE associated with this advisory Affected Packages: ecs-init Issue Correction: Run dnf update ecs-init --releasever 2023.12.20260629 or dnf update --advisory ALAS2023-2026-1906 --releasever 2023.12.20260629 to update your system. More information on how to update your system c...

5.7 AI score
Exploits: 0
Amazon
added 2 days ago, 4 views

Critical: rclone

Issue Overview: Rclone is a command-line program to sync files and directories to and from different cloud storage providers. From 1.46.0 until 1.74.3, rclone rcd --rc-serve accepts unauthenticated GET and HEAD requests to paths of the form: /remote:path/object. The remote value is parsed from th...

9.8 CVSS, 5.8 AI score, 0.00701 EPSS
Exploits: 0
Amazon
added 2 days ago, 4 views

Critical: rclone

Issue Overview: Rclone is a command-line program to sync files and directories to and from different cloud storage providers. From 1.46.0 until 1.74.3, rclone rcd --rc-serve accepts unauthenticated GET and HEAD requests to paths of the form: /remote:path/object. The remote value is parsed from th...

9.8 CVSS, 5.9 AI score, 0.00701 EPSS
Exploits: 0
Amazon
added 2 days ago, 5 views

Important: containerd

Issue Overview: Memory exhaustion DoS causing OOM kill of containerd process NOTE: https://github.com/containerd/containerd/security/advisories/GHSA-jpcc-p29g-p8mq CVE-2026-47262 Image cache poisoning via unvalidated checkpoint image references, enabling cross-pod code execution NOTE:...

6 AI score
Exploits: 0
Amazon
added 2 days ago, 4 views

Important: containerd

Issue Overview: Memory exhaustion DoS causing OOM kill of containerd process NOTE: https://github.com/containerd/containerd/security/advisories/GHSA-jpcc-p29g-p8mq CVE-2026-47262 Image cache poisoning via unvalidated checkpoint image references, enabling cross-pod code execution NOTE:...

6 AI score
Exploits: 0
Amazon
added 2026/06/22 12:00 a.m., 6 views

Important: perl-Sereal-Decoder

Issue Overview: Sereal::Decoder versions before 5.005 for Perl allow heap out-of-bounds read via crafted input. In Perl/Decoder/srl_decoder.c, srl_read_object and srl_read_hash process a COPY tag, a back-reference whose target byte the decoder re-decodes as a fresh tag. When that target byte matches t...

8.1 CVSS, 5.8 AI score, 0.00399 EPSS
Exploits: 0
Amazon
added 2026/06/22 12:00 a.m., 6 views

Important: containerd

Issue Overview: The RSA and DSA public key parsers did not enforce size limits on key parameters. A crafted public key with an excessively large modulus or DSA parameter could cause several minutes of CPU consumption during signature verification. This could be triggered by unauthenticated client...

10 CVSS, 5.9 AI score, 0.005 EPSS
Exploits: 0
Amazon
added 2026/06/22 12:00 a.m., 6 views

Important: amazon-cloudwatch-agent

Issue Overview: Parsing arbitrary HTML can consume excessive CPU time, possibly leading to denial of service. CVE-2026-25680 The RSA and DSA public key parsers did not enforce size limits on key parameters. A crafted public key with an excessively large modulus or DSA parameter could cause severa...

10 CVSS, 6.1 AI score, 0.005 EPSS
Exploits: 0
Amazon
added 2026/06/22 12:00 a.m., 5 views

Important: amazon-cloudwatch-agent

Issue Overview: Parsing arbitrary HTML can consume excessive CPU time, possibly leading to denial of service. CVE-2026-25680 The RSA and DSA public key parsers did not enforce size limits on key parameters. A crafted public key with an excessively large modulus or DSA parameter could cause severa...

10 CVSS, 6 AI score, 0.005 EPSS
Exploits: 0
Amazon
added 2026/06/22 12:00 a.m., 7 views

Important: mod_http2

Issue Overview: Use After Free vulnerability in Apache HTTP Server module mod_http2 when file handles are already exhausted. This issue affects Apache HTTP Server: from 2.4.55 through 2.4.67. CVE-2026-48913 Denial of service in HTTP/2 cookie request header counting CVE-2026-49975 Affected Packages...

7.5 CVSS, 5.8 AI score, 0.11471 EPSS
Exploits: 7
Amazon
added 2026/06/22 12:00 a.m., 8 views

Medium: golang

Issue Overview: x509.Certificate.VerifyHostname previously called matchHostnames in a loop over all DNS Subject Alternative Name (SAN) entries. This caused strings.Split(host, ".") to execute repeatedly on the same input hostname. With a large DNS SAN list, verification costs scaled quadratically bas...

7.5 CVSS, 6.1 AI score, 0.0065 EPSS
Exploits: 0
Amazon
added 2026/06/22 12:00 a.m., 8 views

Medium: golist

Issue Overview: x509.Certificate.VerifyHostname previously called matchHostnames in a loop over all DNS Subject Alternative Name (SAN) entries. This caused strings.Split(host, ".") to execute repeatedly on the same input hostname. With a large DNS SAN list, verification costs scaled quadratically bas...

7.5 CVSS, 6.1 AI score, 0.0065 EPSS
Exploits: 0
Amazon
added 2026/06/22 12:00 a.m., 7 views

Medium: golang-github-burntsushi-toml-test

Issue Overview: x509.Certificate.VerifyHostname previously called matchHostnames in a loop over all DNS Subject Alternative Name (SAN) entries. This caused strings.Split(host, ".") to execute repeatedly on the same input hostname. With a large DNS SAN list, verification costs scaled quadratically bas...

7.5 CVSS, 6 AI score, 0.0065 EPSS
Exploits: 0
Amazon
added 2026/06/22 12:00 a.m., 7 views

Medium: golang-github-cpuguy83-md2man

Issue Overview: x509.Certificate.VerifyHostname previously called matchHostnames in a loop over all DNS Subject Alternative Name (SAN) entries. This caused strings.Split(host, ".") to execute repeatedly on the same input hostname. With a large DNS SAN list, verification costs scaled quadratically bas...

7.5 CVSS, 6 AI score, 0.0065 EPSS
Exploits: 0
Amazon
added 2026/06/22 12:00 a.m., 7 views

Medium: golang

Issue Overview: x509.Certificate.VerifyHostname previously called matchHostnames in a loop over all DNS Subject Alternative Name (SAN) entries. This caused strings.Split(host, ".") to execute repeatedly on the same input hostname. With a large DNS SAN list, verification costs scaled quadratically bas...

7.5 CVSS, 6 AI score, 0.0065 EPSS
Exploits: 0
Amazon
added 2026/06/22 12:00 a.m., 8 views

Medium: golist

Issue Overview: x509.Certificate.VerifyHostname previously called matchHostnames in a loop over all DNS Subject Alternative Name (SAN) entries. This caused strings.Split(host, ".") to execute repeatedly on the same input hostname. With a large DNS SAN list, verification costs scaled quadratically bas...

7.5 CVSS, 6 AI score, 0.0065 EPSS
Exploits: 0
Amazon
added 2026/06/22 12:00 a.m., 7 views

Medium: golang-github-burntsushi-toml

Issue Overview: x509.Certificate.VerifyHostname previously called matchHostnames in a loop over all DNS Subject Alternative Name (SAN) entries. This caused strings.Split(host, ".") to execute repeatedly on the same input hostname. With a large DNS SAN list, verification costs scaled quadratically bas...

7.5 CVSS, 6 AI score, 0.0065 EPSS
Exploits: 0
Amazon
added 2026/06/22 12:00 a.m., 7 views

Important: kernel6.12

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: xfrm: hold dev ref until after transport_finish NF_HOOK CVE-2026-31663 In the Linux kernel, the following vulnerability has been resolved: rtnetlink: add missing netlink_ns_capable check for peer netns CVE-2026-31692 ...

9.3 CVSS, 6.8 AI score, 0.00442 EPSS
Exploits: 0
Amazon
added 2026/06/22 12:00 a.m., 7 views

Important: freerdp

Issue Overview: FreeRDP before 3.26.0 contains a heap-buffer-overflow vulnerability in gdi_CacheToSurface that allows remote attackers to write out-of-bounds heap memory. The vulnerability occurs because rectangle validation clamps coordinates to UINT16_MAX but performs copy operations using...

9.8 CVSS, 6.7 AI score, 0.03472 EPSS
Exploits: 4
Amazon
added 2026/06/22 12:00 a.m., 7 views

Important: freerdp

Issue Overview: FreeRDP before 3.26.0 contains a heap-buffer-overflow vulnerability in gdi_CacheToSurface that allows remote attackers to write out-of-bounds heap memory. The vulnerability occurs because rectangle validation clamps coordinates to UINT16_MAX but performs copy operations using...

9.8 CVSS, 6.7 AI score, 0.03472 EPSS
Exploits: 4
Amazon
added 2026/06/22 12:00 a.m., 6 views

Medium: httpd

Issue Overview: Use After Free vulnerability in Apache HTTP Server with mod_ldap in per-directory configuration This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fixes the issue. CVE-2026-29167 A cross-site scripting...

9.8 CVSS, 6 AI score, 0.00687 EPSS
Exploits: 0
Amazon
added 2026/06/22 12:00 a.m., 6 views

Important: ansible-core

Issue Overview: A flaw was found in ansible-core. The ansible-galaxy role install command processes dependency specifications from a role's meta/requirements.yml file. Due to improper neutralization of argument delimiters, a malicious role author can inject arbitrary git configuration flags throu...

7.8 CVSS, 6.4 AI score, 0.00156 EPSS
Exploits: 0
Amazon
added 2026/06/22 12:00 a.m., 6 views

Important: mariadb114

Issue Overview: During the SST the donor node is interpolating parameters that the joiner sent into the command line. Not all parameters were properly validated which could allow a malicious joiner to execute arbitrary shell commands on the donor side via the mariabackup SST method. CVE-2026-4416...

9.8 CVSS, 6.2 AI score, 0.00469 EPSS
Exploits: 0
Amazon
added 2026/06/22 12:00 a.m., 6 views

Important: dotnet10.0

Issue Overview: Improper authorization in .NET allows an authorized attacker to elevate privileges locally. CVE-2026-45490 Improper link resolution before file access 'link following' in .NET allows an unauthorized attacker to perform tampering locally. CVE-2026-45491 Uncontrolled resource...

7.8 CVSS, 5.8 AI score, 0.0243 EPSS
Exploits: 0
Amazon
added 2026/06/22 12:00 a.m., 7 views

Important: openssl

Issue Overview: Issue summary: Parsing a crafted DER-encoded ASN.1 structure with a primitive element whose content exceeds 2 gigabytes in length may cause a heap buffer over-read on 64-bit Unix and Unix-like platforms. Impact summary: The heap buffer over-read may crash the application Denial of...

8.8 CVSS, 6.7 AI score, 0.02719 EPSS
Exploits: 0
Amazon
added 2026/06/22 12:00 a.m., 6 views

Important: edk2

Issue Overview: Issue summary: Parsing a crafted DER-encoded ASN.1 structure with a primitive element whose content exceeds 2 gigabytes in length may cause a heap buffer over-read on 64-bit Unix and Unix-like platforms. Impact summary: The heap buffer over-read may crash the application Denial of...

8.8 CVSS, 6.7 AI score, 0.02719 EPSS
Exploits: 0
Amazon
added 2026/06/22 12:00 a.m., 7 views

Important: dotnet9.0

Issue Overview: Improper authorization in .NET allows an authorized attacker to elevate privileges locally. CVE-2026-45490 Improper link resolution before file access 'link following' in .NET allows an unauthorized attacker to perform tampering locally. CVE-2026-45491 Uncontrolled resource...

7.8 CVSS, 5.8 AI score, 0.0243 EPSS
Exploits: 0
Amazon
added 2026/06/22 12:00 a.m., 6 views

Important: openssl11

Issue Overview: Issue summary: Parsing a crafted DER-encoded ASN.1 structure with a primitive element whose content exceeds 2 gigabytes in length may cause a heap buffer over-read on 64-bit Unix and Unix-like platforms. Impact summary: The heap buffer over-read may crash the application Denial of...

8.8 CVSS, 6.7 AI score, 0.02719 EPSS
Exploits: 0
Amazon
added 2026/06/22 12:00 a.m., 6 views

Important: openssl-snapsafe

Issue Overview: Issue summary: Parsing a crafted DER-encoded ASN.1 structure with a primitive element whose content exceeds 2 gigabytes in length may cause a heap buffer over-read on 64-bit Unix and Unix-like platforms. Impact summary: The heap buffer over-read may crash the application Denial of...

8.8 CVSS, 6.8 AI score, 0.02719 EPSS
Exploits: 0
Amazon
added 2026/06/22 12:00 a.m., 5 views

Important: dotnet8.0

Issue Overview: Improper authorization in .NET allows an authorized attacker to elevate privileges locally. CVE-2026-45490 Improper link resolution before file access 'link following' in .NET allows an unauthorized attacker to perform tampering locally. CVE-2026-45491 Uncontrolled resource...

7.8 CVSS, 5.8 AI score, 0.0243 EPSS
Exploits: 0
Amazon
added 2026/06/22 12:00 a.m., 3 views

Important: evince

Issue Overview: CVE-2026-46529 is a command injection vulnerability in Evince, Atril, and Xreader caused by missing quoting of shell-like input in ev_spawn in ev-application.c. CVE-2026-46529 Affected Packages: evince Note: This advisory is applicable to Amazon Linux 2 (AL2) Core repository. Visit...

8.4 CVSS, 5.9 AI score, 0.00529 EPSS
Exploits: 0
Amazon
added 2026/06/22 12:00 a.m., 6 views

Important: perl-DBI

Issue Overview: DBI versions before 1.648 for Perl have a heap overflow when preparsing SQL statements with more than 9 binders. The preparse method expands SQL placeholder characters to numbered binders of the form :pN, but only allocates three characters per binder in the buffer. Placeholders...

9.8 CVSS, 6.3 AI score, 0.00413 EPSS
Exploits: 0
Amazon
added 2026/06/22 12:00 a.m., 7 views

Important: perl-DBI

Issue Overview: DBI versions before 1.648 for Perl have a heap overflow when preparsing SQL statements with more than 9 binders. The preparse method expands SQL placeholder characters to numbered binders of the form :pN, but only allocates three characters per binder in the buffer. Placeholders...

9.8 CVSS, 6.3 AI score, 0.00413 EPSS
Exploits: 0
Amazon
added 2026/06/22 12:00 a.m., 7 views

Important: ImageMagick

Issue Overview: ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-49 and 7.1.2-24, an infinite loop in the subimage-search operation can happen when using a crafted image. This issue has been patched in versions 6.9.13-49 and...

7.5 CVSS, 6 AI score, 0.00353 EPSS
Exploits: 0
Amazon
added 2026/06/22 12:00 a.m., 3 views

Important: tigervnc

Issue Overview: A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. A mismatch between the X server and the libXfont2 library's maximum font name length can cause a stack buffer overflow during font alias resolution. The server allocates a 256 byte stack buffer but...

7.8 CVSS, 6.3 AI score, 0.00165 EPSS
Exploits: 0
Amazon
added 2026/06/22 12:00 a.m., 7 views

Important: ecs-service-connect-agent

Issue Overview: A denial-of-service vulnerability was found in Envoy's HTTP/2 HPACK header compression implementation. A remote attacker could send a specially crafted HTTP/2 request that triggers disproportionately large memory allocations on the server, leading to resource exhaustion and denial...

7.5 CVSS, 6.1 AI score, 0.00708 EPSS
Exploits: 0
Amazon
added 2026/06/22 12:00 a.m., 8 views

Important: ecs-service-connect-agent

Issue Overview: A denial-of-service vulnerability was found in Envoy's HTTP/2 HPACK header compression implementation. A remote attacker could send a specially crafted HTTP/2 request that triggers disproportionately large memory allocations on the server, leading to resource exhaustion and denial...

7.5 CVSS, 6.2 AI score, 0.00708 EPSS
Exploits: 0
Amazon
added 2026/06/22 12:00 a.m., 7 views

Important: kernel-livepatch-6.18.25-52.107

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Drop the translation cache reference only for the erased entry CVE-2026-46316 In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Reassign nested_mmus array behind...

9.3 CVSS, 5.8 AI score, 0.0018 EPSS
Exploits: 0
Amazon
added 2026/06/22 12:00 a.m., 8 views

Important: kernel-livepatch-6.18.33-63.124

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Drop the translation cache reference only for the erased entry CVE-2026-46316 In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Reassign nested_mmus array behind...

9.3 CVSS, 5.8 AI score, 0.0018 EPSS
Exploits: 0
Amazon
added 2026/06/22 12:00 a.m., 5 views

Important: kernel-livepatch-6.12.77-99.140

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Drop the translation cache reference only for the erased entry CVE-2026-46316 In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Reassign nested_mmus array behind...

9.3 CVSS, 5.8 AI score, 0.0018 EPSS
Exploits: 0
Amazon
added 2026/06/22 12:00 a.m., 5 views

Important: kernel-livepatch-6.12.83-111.159

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Drop the translation cache reference only for the erased entry CVE-2026-46316 In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Reassign nested_mmus array behind...

9.3 CVSS, 5.8 AI score, 0.0018 EPSS
Exploits: 0
Amazon
added 2026/06/22 12:00 a.m., 4 views

Important: kernel-livepatch-6.12.83-115.161

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Drop the translation cache reference only for the erased entry CVE-2026-46316 In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Reassign nested_mmus array behind...

9.3 CVSS, 5.8 AI score, 0.0018 EPSS
Exploits: 0
Amazon
added 2026/06/22 12:00 a.m., 8 views

Important: kernel-livepatch-6.18.30-61.116

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Drop the translation cache reference only for the erased entry CVE-2026-46316 In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Reassign nested_mmus array behind...

9.3 CVSS, 5.8 AI score, 0.0018 EPSS
Exploits: 0
Amazon
added 2026/06/22 12:00 a.m., 6 views

Important: kernel-livepatch-6.18.20-41.237

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Drop the translation cache reference only for the erased entry CVE-2026-46316 In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Reassign nested_mmus array behind...

9.3 CVSS, 5.8 AI score, 0.0018 EPSS
Exploits: 0
Amazon
added 2026/06/22 12:00 a.m., 7 views

Important: kernel-livepatch-6.18.25-55.108

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Drop the translation cache reference only for the erased entry CVE-2026-46316 In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Reassign nested_mmus array behind...

9.3 CVSS, 5.8 AI score, 0.0018 EPSS
Exploits: 0
Amazon
added 2026/06/22 12:00 a.m., 7 views

Important: kernel-livepatch-6.18.16-18.222

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Drop the translation cache reference only for the erased entry CVE-2026-46316 In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Reassign nested_mmus array behind...

9.3 CVSS, 5.8 AI score, 0.0018 EPSS
Exploits: 0
Amazon
added 2026/06/22 12:00 a.m., 8 views

Important: kernel-livepatch-6.12.79-101.147

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Drop the translation cache reference only for the erased entry CVE-2026-46316 In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Reassign nested_mmus array behind...

9.3 CVSS, 5.8 AI score, 0.0018 EPSS
Exploits: 0
Amazon
added 2026/06/22 12:00 a.m., 6 views

Important: kernel-livepatch-6.12.80-105.147

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Drop the translation cache reference only for the erased entry CVE-2026-46316 In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Reassign nested_mmus array behind...

9.3 CVSS, 5.8 AI score, 0.0018 EPSS
Exploits: 0
Amazon
added 2026/06/22 12:00 a.m., 8 views

Important: kernel-livepatch-6.18.30-61.119

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Drop the translation cache reference only for the erased entry CVE-2026-46316 In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Reassign nested_mmus array behind...

9.3 CVSS, 5.8 AI score, 0.0018 EPSS
Exploits: 0
Total number of security vulnerabilities: 8850