Lucene search
K
AmazonMost viewed

8850 matches found

Amazon
Amazon
added 2022/09/12 12:0 a.m.8 views

Important: kernel

Issue Overview: An out-of-bounds read flaw was found in the Linux kernel's TeleTYpe subsystem. The issue occurs in how a user triggers a race condition using ioctls TIOCSPTLCK and TIOCGPTPEER and TIOCSTI and TCXONC with leakage of memory in the flushtoldisc function. This flaw allows a local user...

7.8CVSS5.3AI score0.12746EPSS
Exploits13
Amazon
Amazon
added 2022/09/12 12:0 a.m.8 views

Medium: kernel

Issue Overview: An out-of-bounds read flaw was found in the Linux kernel's TeleTYpe subsystem. The issue occurs in how a user triggers a race condition using ioctls TIOCSPTLCK and TIOCGPTPEER and TIOCSTI and TCXONC with leakage of memory in the flushtoldisc function. This flaw allows a local user...

7.5CVSS5AI score0.05561EPSS
Exploits2
Amazon
Amazon
added 2022/07/15 12:0 a.m.8 views

Important: kernel-livepatch-5.10.112-108.499

Issue Overview: A use-after-free vulnerability was found in the Linux kernel's Netfilter subsystem in net/netfilter/nftablesapi.c. This flaw allows a local attacker with user access to cause a privilege escalation issue. CVE-2022-1966 Affected Packages: kernel-livepatch-5.10.112-108.499 Issue...

6.8AI score
Exploits5
Amazon
Amazon
added 2022/04/07 12:0 a.m.8 views

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: mm/damon/dbgfs: fix 'struct pid' leaks in 'dbgfstargetidswrite' CVE-2021-46937 In the Linux kernel, the following vulnerability has been resolved: mm/damon/dbgfs: protect targets destructions with kdamondlock...

7.8CVSS6.3AI score0.05524EPSS
Exploits19
Amazon
Amazon
added 2022/04/07 12:0 a.m.8 views

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: mm/damon/dbgfs: fix 'struct pid' leaks in 'dbgfstargetidswrite' CVE-2021-46937 In the Linux kernel, the following vulnerability has been resolved: mm/damon/dbgfs: protect targets destructions with kdamondlock...

8.6CVSS5.8AI score0.02633EPSS
Exploits18
Amazon
Amazon
added 2022/01/28 12:0 a.m.8 views

Important: kernel

Issue Overview: A flaw was found in the Linux kernels implementation of wifi fragmentation handling. An attacker with the ability to transmit within the wireless transmission range of an access point can abuse a flaw where previous contents of wifi fragments can be unintentionally transmitted to...

9.8CVSS7.3AI score0.07604EPSS
Exploits12
Amazon
Amazon
added 2021/12/18 12:0 a.m.8 views

Critical: java-11-openjdk

Issue Overview: No versions of an Amazon Linux Java Virtual Machine JVM are affected by CVE-2021-44228 or CVE-2021-45046. However, if customers load a log4j version that is affected by CVE-2021-44228 or CVE-2021-45046 into an Amazon Linux JVM, it will introduce the issues identified in...

10CVSS6.8AI score0.99999EPSS
Exploits349
Amazon
Amazon
added 2021/11/18 12:0 a.m.8 views

Important: runc

Issue Overview: runc through 1.0.0-rc8, as used in Docker through 19.03.2-ce and other products, allows AppArmor restriction bypass because libcontainer/rootfslinux.go incorrectly checks mount targets, and thus a malicious Docker image can mount over a /proc directory. CVE-2019-16884 A flaw was...

7.5CVSS6.8AI score0.04409EPSS
Exploits1
Amazon
Amazon
added 2021/11/18 12:0 a.m.8 views

Medium: docker

Issue Overview: The default OCI Linux spec in oci/defaultslinux.go in Docker/Moby, from 1.11 to current, does not block /proc/acpi pathnames. The flaw allows an attacker to modify host's hardware like enabling/disabling Bluetooth or turning up/down keyboard brightness. CVE-2018-10892 Affected...

6.3CVSS7AI score0.01135EPSS
Exploits0
Amazon
Amazon
added 2026/06/22 12:0 a.m.7 views

Important: freerdp

Issue Overview: FreeRDP before 3.26.0 contains a heap-buffer-overflow vulnerability in gdiCacheToSurface that allows remote attackers to write out-of-bounds heap memory. The vulnerability occurs because rectangle validation clamps coordinates to UINT16MAX but performs copy operations using...

9.8CVSS6.7AI score0.03472EPSS
Exploits4
Amazon
Amazon
added 2026/06/22 12:0 a.m.7 views

Important: freerdp

Issue Overview: FreeRDP before 3.26.0 contains a heap-buffer-overflow vulnerability in gdiCacheToSurface that allows remote attackers to write out-of-bounds heap memory. The vulnerability occurs because rectangle validation clamps coordinates to UINT16MAX but performs copy operations using...

9.8CVSS6.7AI score0.03472EPSS
Exploits4
Amazon
Amazon
added 2026/06/22 12:0 a.m.7 views

Important: ecs-service-connect-agent

Issue Overview: A denial-of-service vulnerability was found in Envoy's HTTP/2 HPACK header compression implementation. A remote attacker could send a specially crafted HTTP/2 request that triggers disproportionately large memory allocations on the server, leading to resource exhaustion and denial...

7.5CVSS6.1AI score0.00708EPSS
Exploits0
Amazon
Amazon
added 2026/06/22 12:0 a.m.7 views

Important: perl-DBI

Issue Overview: DBI versions before 1.648 for Perl have a heap overflow when preparsing SQL statements with more than 9 binders. The preparse method expands SQL placeholder characters to numbered binders of the form :pN, but only allocates three characters per binder in the buffer. Placeholders...

9.8CVSS6.3AI score0.00413EPSS
Exploits0
Amazon
Amazon
added 2026/06/22 12:0 a.m.7 views

Important: ImageMagick

Issue Overview: ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-49 and 7.1.2-24, an infinite loop in the subimage-search operation can happen when using a crafted image. This issue has been patched in versions 6.9.13-49 and...

7.5CVSS6AI score0.00353EPSS
Exploits0
Amazon
Amazon
added 2026/06/22 12:0 a.m.7 views

Medium: ImageMagick

Issue Overview: When writing an IPTC output file a malicious input file could cause an out of bounds read of a single byte. as per: https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-7wff-wpr6-vmhm CVE-2026-42326 Due to a missing check in the PSD decoder it would be possible to...

7.5CVSS6.1AI score0.01849EPSS
Exploits2
Amazon
Amazon
added 2026/06/22 12:0 a.m.7 views

Important: perl-IO-Compress

Issue Overview: IO::Uncompress::Unzip versions before 2.220 for Perl allow CPU exhaustion via per-byte read loop in fastForward. fastForward compares length $offset the digit count of the offset, 1 to 19 against the chunk size $c instead of $offset itself, so $c shrinks from 16 KiB to 1-19 bytes...

7.5CVSS6.2AI score0.00373EPSS
Exploits2
Amazon
Amazon
added 2026/06/22 12:0 a.m.7 views

Important: kernel-livepatch-6.12.80-106.156

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Drop the translation cache reference only for the erased entry CVE-2026-46316 In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Reassign nestedmmus array behind...

9.3CVSS5.8AI score0.0018EPSS
Exploits0
Amazon
Amazon
added 2026/06/22 12:0 a.m.7 views

Important: kernel-livepatch-6.12.90-120.164

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Drop the translation cache reference only for the erased entry CVE-2026-46316 In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Reassign nestedmmus array behind...

9.3CVSS5.8AI score0.0018EPSS
Exploits0
Amazon
Amazon
added 2026/06/22 12:0 a.m.7 views

Important: kernel-livepatch-6.18.20-20.229

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Drop the translation cache reference only for the erased entry CVE-2026-46316 In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Reassign nestedmmus array behind...

9.3CVSS5.8AI score0.0018EPSS
Exploits0
Amazon
Amazon
added 2026/06/22 12:0 a.m.7 views

Important: kernel-livepatch-6.18.25-55.108

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Drop the translation cache reference only for the erased entry CVE-2026-46316 In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Reassign nestedmmus array behind...

9.3CVSS5.8AI score0.0018EPSS
Exploits0
Amazon
Amazon
added 2026/06/22 12:0 a.m.7 views

Important: kernel-livepatch-6.18.25-57.109

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Drop the translation cache reference only for the erased entry CVE-2026-46316 In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Reassign nestedmmus array behind...

9.3CVSS5.8AI score0.0018EPSS
Exploits0
Amazon
Amazon
added 2026/06/22 12:0 a.m.7 views

Important: kernel-livepatch-6.18.25-52.107

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Drop the translation cache reference only for the erased entry CVE-2026-46316 In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Reassign nestedmmus array behind...

9.3CVSS5.8AI score0.0018EPSS
Exploits0
Amazon
Amazon
added 2026/06/22 12:0 a.m.7 views

Important: kernel6.12

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: xfrm: hold dev ref until after transportfinish NFHOOK CVE-2026-31663 In the Linux kernel, the following vulnerability has been resolved: rtnetlink: add missing netlinknscapable check for peer netns CVE-2026-31692 ...

9.3CVSS6.8AI score0.00442EPSS
Exploits0
Amazon
Amazon
added 2026/06/22 12:0 a.m.7 views

Important: kernel-livepatch-6.18.16-18.222

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Drop the translation cache reference only for the erased entry CVE-2026-46316 In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Reassign nestedmmus array behind...

9.3CVSS5.8AI score0.0018EPSS
Exploits0
Amazon
Amazon
added 2026/06/22 12:0 a.m.7 views

Important: perl-IO-Compress

Issue Overview: IO::Uncompress::Unzip versions before 2.220 for Perl allow CPU exhaustion via per-byte read loop in fastForward. fastForward compares length $offset the digit count of the offset, 1 to 19 against the chunk size $c instead of $offset itself, so $c shrinks from 16 KiB to 1-19 bytes...

7.5CVSS6.1AI score0.00373EPSS
Exploits2
Amazon
Amazon
added 2026/06/22 12:0 a.m.7 views

Important: poppler

Issue Overview: A flaw was found in Poppler's Splash backend. A remote attacker could exploit this vulnerability by crafting a malicious PDF file that, when rendered, triggers an integer overflow in the tilingPatternFill function. This overflow leads to an undersized heap memory allocation,...

7.8CVSS6.1AI score0.00252EPSS
Exploits0
Amazon
Amazon
added 2026/06/22 12:0 a.m.7 views

Important: mod_http2

Issue Overview: Use After Free vulnerability in Apache HTTP Server module modhttp2 when file handles are already exhausted. This issue affects Apache HTTP Server: from 2.4.55 through 2.4.67. CVE-2026-48913 Denial of service in HTTP/2 cookie request header counting CVE-2026-49975 Affected Packages...

7.5CVSS5.8AI score0.11471EPSS
Exploits7
Amazon
Amazon
added 2026/06/22 12:0 a.m.7 views

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: blk-mq: use quiesced elevator switch when reinitializing queues CVE-2022-50552 In the Linux kernel, the following vulnerability has been resolved: net: clear the dst when changing skb protocol CVE-2025-38192 In th...

9.8CVSS6.1AI score0.00554EPSS
Exploits1
Amazon
Amazon
added 2026/06/22 12:0 a.m.7 views

Important: mariadb-connector-c

Issue Overview: An application that was taking non-validated user input, escaping it with mysqlrealescapestring and sending it to the database using text protocol and big5 character set was vulnerable to SQL injections, even though mysqlrealescapestring was supposed to prevent them. CVE-2026-4417...

9.8CVSS5.8AI score0.00319EPSS
Exploits0
Amazon
Amazon
added 2026/06/22 12:0 a.m.7 views

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: smb: client: reject userspace cifs.spnego descriptions CVE-2026-46243 Affected Packages: kernel Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference...

7.8CVSS5.7AI score0.00353EPSS
Exploits4
Amazon
Amazon
added 2026/06/22 12:0 a.m.7 views

Medium: golang

Issue Overview: x509.Certificate.VerifyHostname previously called matchHostnames in a loop over all DNS Subject Alternative Name SAN entries. This caused strings.Splithost, "." to execute repeatedly on the same input hostname. With a large DNS SAN list, verification costs scaled quadratically bas...

7.5CVSS6AI score0.0065EPSS
Exploits0
Amazon
Amazon
added 2026/06/22 12:0 a.m.7 views

Important: kernel-livepatch-6.12.80-105.147

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Drop the translation cache reference only for the erased entry CVE-2026-46316 In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Reassign nestedmmus array behind...

9.3CVSS5.8AI score0.0018EPSS
Exploits0
Amazon
Amazon
added 2026/06/22 12:0 a.m.7 views

Important: python3.14-pip

Issue Overview: A flaw was found in pip, the package installer for Python. A remote attacker can exploit this vulnerability by tricking a victim into installing a malicious Python wheel. This wheel contains specially crafted entry-point names that use directory traversal or absolute paths. This...

5.5CVSS6.1AI score0.00275EPSS
Exploits0
Amazon
Amazon
added 2026/06/22 12:0 a.m.7 views

Medium: golang-github-burntsushi-toml

Issue Overview: x509.Certificate.VerifyHostname previously called matchHostnames in a loop over all DNS Subject Alternative Name SAN entries. This caused strings.Splithost, "." to execute repeatedly on the same input hostname. With a large DNS SAN list, verification costs scaled quadratically bas...

7.5CVSS6AI score0.0065EPSS
Exploits0
Amazon
Amazon
added 2026/06/22 12:0 a.m.7 views

Medium: golang-github-cpuguy83-md2man

Issue Overview: x509.Certificate.VerifyHostname previously called matchHostnames in a loop over all DNS Subject Alternative Name SAN entries. This caused strings.Splithost, "." to execute repeatedly on the same input hostname. With a large DNS SAN list, verification costs scaled quadratically bas...

7.5CVSS6AI score0.0065EPSS
Exploits0
Amazon
Amazon
added 2026/06/22 12:0 a.m.7 views

Medium: golang-github-burntsushi-toml-test

Issue Overview: x509.Certificate.VerifyHostname previously called matchHostnames in a loop over all DNS Subject Alternative Name SAN entries. This caused strings.Splithost, "." to execute repeatedly on the same input hostname. With a large DNS SAN list, verification costs scaled quadratically bas...

7.5CVSS6AI score0.0065EPSS
Exploits0
Amazon
Amazon
added 2026/06/22 12:0 a.m.7 views

Important: dotnet9.0

Issue Overview: Improper authorization in .NET allows an authorized attacker to elevate privileges locally. CVE-2026-45490 Improper link resolution before file access 'link following' in .NET allows an unauthorized attacker to perform tampering locally. CVE-2026-45491 Uncontrolled resource...

7.8CVSS5.8AI score0.0243EPSS
Exploits0
Amazon
Amazon
added 2026/06/22 12:0 a.m.7 views

Medium: httpd

Issue Overview: Use After Free vulnerability in Apache HTTP Server with modldap in per-directory configuration This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fixes the issue. CVE-2026-29167 A cross-site scripting...

9.8CVSS6AI score0.00687EPSS
Exploits0
Amazon
Amazon
added 2026/06/22 12:0 a.m.7 views

Important: git-lfs

Issue Overview: Parsing arbitrary HTML can consume excessive CPU time, possibly leading to denial of service. CVE-2026-25680 Affected Packages: git-lfs Issue Correction: Run dnf update git-lfs --releasever 2023.12.20260622 or dnf update --advisory ALAS2023-2026-1889 --releasever 2023.12.20260622 ...

6.5CVSS5.9AI score0.00248EPSS
Exploits0
Amazon
Amazon
added 2026/06/22 12:0 a.m.7 views

Important: openssl

Issue Overview: Issue summary: Parsing a crafted DER-encoded ASN.1 structure with a primitive element whose content exceeds 2 gigabytes in length may cause a heap buffer over-read on 64-bit Unix and Unix-like platforms. Impact summary: The heap buffer over-read may crash the application Denial of...

8.8CVSS6.7AI score0.02719EPSS
Exploits0
Amazon
Amazon
added 2026/06/22 12:0 a.m.7 views

Important: amazon-cloudwatch-agent

Issue Overview: Parsing arbitrary HTML can consume excessive CPU time, possibly leading to denial of service. CVE-2026-25680 The RSA and DSA public key parsers did not enforce size limits on key parameters. A crafted public key with an excessively large modulus or DSA parameter could cause severa...

10CVSS6.1AI score0.005EPSS
Exploits0
Amazon
Amazon
added 2026/06/08 12:0 a.m.7 views

Important: gnutls

Issue Overview: A remotely triggerable underflow in the DTLS reassembly code led to a heap overrun. The issue was reported in the issue tracker as 1811 by Joshua Rogers of AISLE Research Team. CVE-2026-33845 GnuTLS didn't check that DTLS fragments claimed a consistent messagelength value...

9.1CVSS5.6AI score0.01335EPSS
Exploits0
Amazon
Amazon
added 2026/06/08 12:0 a.m.7 views

Important: atril

Issue Overview: CVE-2026-46529 is a command injection vulnerability in Evince, Atril, and Xreader caused by missing quoting of shell-like input in evspawn in ev-application.c. CVE-2026-46529 Affected Packages: atril Note: This advisory is applicable to Amazon Linux 2 - Mate-desktop1.x Extra. Visi...

8.4CVSS5.5AI score0.00529EPSS
Exploits0
Amazon
Amazon
added 2026/04/30 12:0 a.m.7 views

Important: cups

Issue Overview: OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, the RSS notifier allows .. path traversal in notify-recipient-uri e.g., rss:///../job.cache, letting a remote IPP client write RSS XML bytes outside...

7.8CVSS6.5AI score0.00502EPSS
Exploits6
Amazon
Amazon
added 2026/04/30 12:0 a.m.7 views

Medium: perl-Net-CIDR-Lite

Issue Overview: Net::CIDR::Lite versions before 0.23 for Perl does not validate IPv6 group count, which may allow IP ACL bypass. packipv6 does not check that uncompressed IPv6 addresses without :: have exactly 8 hex groups. Inputs like "abcd", "1:2:3", or "1:2:3:4:5:6:7" are accepted and produce...

7.5CVSS6.4AI score0.00309EPSS
Exploits0
Amazon
Amazon
added 2026/04/30 12:0 a.m.7 views

Important: firefox

Issue Overview: Memory safety bugs present in Firefox ESR 115.34.0, Firefox ESR 140.9.0, Thunderbird ESR 140.9.0, Firefox 149.0.1 and Thunderbird 149.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run...

9.8CVSS6.1AI score0.0035EPSS
Exploits0
Amazon
Amazon
added 2026/04/30 12:0 a.m.7 views

Important: maven3.9

Issue Overview: Directory Traversal vulnerability in the extractFile method of org.codehaus.plexus.util.Expand in plexus-utils before 6d780b3378829318ba5c2d29547e0012d5b29642. This allows an attacker to execute arbitrary code CVE-2025-67030 Affected Packages: maven3.9 Issue Correction: Run dnf...

8.8CVSS5.9AI score0.00663EPSS
Exploits0
Amazon
Amazon
added 2026/04/30 12:0 a.m.7 views

Important: composer

Issue Overview: Command injection via malicious Perforce repository definition CVE-2026-40176 Command injection via malicious Perforce source reference/url CVE-2026-40261 Affected Packages: composer Issue Correction: Run dnf update composer --releasever 2023.11.20260427 or dnf update --advisory...

8.8CVSS5.8AI score0.01688EPSS
Exploits4
Amazon
Amazon
added 2026/04/30 12:0 a.m.7 views

Important: openssh

Issue Overview: In OpenSSH before 10.3, a file downloaded by scp may be installed setuid or setgid, an outcome contrary to some users' expectations, if the download is performed as root with -O legacy scp protocol and without -p preserve mode. CVE-2026-35385 Affected Packages: openssh Issue...

8.1CVSS5.2AI score0.00419EPSS
Exploits0
Amazon
Amazon
added 2026/04/30 12:0 a.m.7 views

Medium: ecs-service-connect-agent

Issue Overview: Envoy is a cloud-native high-performance edge/middle/service proxy. A security vulnerability in Envoy allows external clients to manipulate Envoy headers, potentially leading to unauthorized access or other malicious actions within the mesh. This issue arises due to Envoy's defaul...

7.5CVSS6.9AI score0.16212EPSS
Exploits2
Total number of security vulnerabilities5000