Lucene search
K
AmazonMost viewed

8850 matches found

Amazon
Amazon
added 2022/02/22 12:0 a.m.60 views

Medium: java-11-amazon-corretto

Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Serialization. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.01; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Difficult to...

5.3CVSS4.5AI score0.08346EPSS
Exploits0
Amazon
Amazon
added 2021/08/05 12:0 a.m.60 views

Important: kernel

Issue Overview: A flaw was found in the Linux kernel, where a BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack. This issue occurs when the protection mechanism neglects the possibility of uninitialized memory locations on the BPF...

7.8CVSS6.3AI score0.00996EPSS
Exploits2
Amazon
Amazon
added 2021/06/23 12:0 a.m.60 views

Medium: systemd

Issue Overview: It was discovered that systemd is vulnerable to a state injection attack when deserializing the state of a service. Properties longer than LINEMAX are not correctly parsed and an attacker may abuse this flaw in particularly configured services to inject, change, or corrupt the...

7.8CVSS7.1AI score0.02279EPSS
Exploits7
Amazon
Amazon
added 2021/02/24 12:0 a.m.60 views

Medium: python27, python36, python38

Issue Overview: A flaw was found in python. A stack-based buffer overflow was discovered in the ctypes module provided within Python. Applications that use ctypes without carefully validating the input passed to it may be vulnerable to this flaw, which would allow an attacker to overflow a buffer...

9.8CVSS8.4AI score0.23293EPSS
Exploits1
Amazon
Amazon
added 2020/07/16 12:0 a.m.60 views

Medium: poppler

Issue Overview: The tiffdocumentrender and tiffdocumentgetthumbnail functions in the TIFF document backend in GNOME Evince through 3.32.0 did not handle errors from TIFFReadRGBAImageOriented, leading to uninitialized memory use when processing certain TIFF image files. CVE-2019-11459 Poppler befo...

8.8CVSS7.9AI score0.02527EPSS
Exploits2
Amazon
Amazon
added 2020/06/30 12:0 a.m.60 views

Medium: bind

Issue Overview: "managed-keys" is a feature which allows a BIND resolver to automatically maintain the keys used by trust anchors which operators configure for use in DNSSEC validation. Due to an error in the managed-keys feature it is possible for a BIND server which uses managed-keys to exit du...

7.5CVSS6.5AI score0.04022EPSS
Exploits0
Amazon
Amazon
added 2019/11/04 12:0 a.m.60 views

Medium: libjpeg-turbo

Issue Overview: The cjpeg utility in libjpeg allows remote attackers to cause a denial of service NULL pointer dereference and application crash or execute arbitrary code via a crafted file.CVE-2016-3616 A divide by zero vulnerability has been discovered in libjpeg-turbo in allocsarray function o...

8.8CVSS8.1AI score0.04898EPSS
Exploits4
Amazon
Amazon
added 2019/07/18 12:0 a.m.60 views

Important: kernel

Issue Overview: An infinite loop issue was found in the vhostnet kernel module while handling incoming packets in handlerx. The infinite loop could occur if one end sends packets faster than the other end can process them. A guest user, maybe a remote one, could use this flaw to stall the vhostne...

7.8CVSS7.1AI score0.52199EPSS
Exploits24
Amazon
Amazon
added 2019/07/17 12:0 a.m.60 views

Low: curl

Issue Overview: A heap buffer overflow in the TFTP receiving code allows for DoS or arbitrary code execution in libcurl. CVE-2019-5436 An integer overflow in curl's URL API results in a buffer overflow in libcurl. CVE-2019-5435 Affected Packages: curl Issue Correction: Run yum update curl or yum...

7.8CVSS7.7AI score0.49739EPSS
Exploits2
Amazon
Amazon
added 2019/06/25 12:0 a.m.60 views

Important: python

Issue Overview: A null pointer dereference vulnerability was found in the certificate parsing code in Python. This causes a denial of service to applications when parsing specially crafted certificates. This vulnerability is unlikely to be triggered if application enables SSL/TLS certificate...

9.8CVSS7.6AI score0.20743EPSS
Exploits3
Amazon
Amazon
added 2018/01/03 12:0 a.m.60 views

Critical: kernel

Issue Overview: An updated kernel release for Amazon Linux has been made available which prevents speculative execution of indirect branches within the kernel. This release incorporates latest stable open source Linux security improvements to address CVE-2017-5715 within the kernel and builds upo...

5.6CVSS7.5AI score0.84172EPSS
Exploits9
Amazon
Amazon
added 2017/09/13 12:0 a.m.60 views

Low: nginx

Issue Overview: A flaw within the processing of ranged HTTP requests has been discovered in the range filter module of nginx. A remote attacker could possibly exploit this flaw to disclose parts of the cache file header, or, if used in combination with third party modules, disclose potentially...

7.5CVSS7.3AI score0.62597EPSS
Exploits6
Amazon
Amazon
added 2017/08/31 12:0 a.m.60 views

Medium: bash

Issue Overview: popd controlled free: A denial of service flaw was found in the way bash handled popd commands. A poorly written shell script could cause bash to crash resulting in a local denial of service limited to a specific bash session.CVE-2016-9401 Arbitrary code execution via malicious...

8.4CVSS7.9AI score0.06019EPSS
Exploits0
Amazon
Amazon
added 2017/06/19 12:0 a.m.60 views

Critical: kernel

Issue Overview: An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can be jmp'ed over, this affects Linux Kernel versions 4.11.5 and earlier the stackguard page was introduced in 2010. CVE-2017-1000364 The...

7.8CVSS6.9AI score0.05186EPSS
Exploits12
Amazon
Amazon
added 2017/01/19 12:0 a.m.60 views

Medium: kernel

Issue Overview: The sg implementation in the Linux kernel did not properly restrict write operations in situations where the KERNELDS option is set, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service use-after-free by leveraging access to a...

7.8CVSS6.5AI score0.00437EPSS
Exploits0
Amazon
Amazon
added 2016/08/17 12:0 a.m.60 views

Important: libtiff

Issue Overview: Multiple flaws have been discovered in libtiff. A remote attacker could exploit these flaws to cause a crash or memory corruption and, possibly, execute arbitrary code by tricking an application linked against libtiff into processing specially crafted files. CVE-2014-9655,...

9.8CVSS8.6AI score0.13722EPSS
Exploits5
Amazon
Amazon
added 2016/08/17 12:0 a.m.60 views

Important: mysql55

Issue Overview: It was found that the MariaDB client library did not properly check host names against server identities noted in the X.509 certificates when establishing secure connections using TLS/SSL. A man-in-the-middle attacker could possibly use this flaw to impersonate a server to a clien...

8.1CVSS6.3AI score0.07505EPSS
Exploits0
Amazon
Amazon
added 2016/07/20 12:0 a.m.60 views

Critical: java-1.8.0-openjdk

Issue Overview: Multiple flaws were discovered in the Hotspot and Libraries components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. CVE-2016-3606, CVE-2016-3587, CVE-2016-3598, CVE-2016-3610 Multiple denial of service...

9.6CVSS7.8AI score0.0669EPSS
Exploits0
Amazon
Amazon
added 2016/03/29 12:0 a.m.60 views

Medium: openssh

Issue Overview: An access flaw was discovered in the OpenSSH client where it did not correctly handle failures to generate authentication cookies for untrusted X11 forwarding. A malicious or compromised remote X application could possibly use this flaw to establish a trusted connection to the loc...

9.8CVSS7.8AI score0.13736EPSS
Exploits0
Amazon
Amazon
added 2015/12/15 12:0 a.m.60 views

Critical: bind

Issue Overview: An error in the parsing of incoming responses allows some records with an incorrect class to be be accepted by BIND instead of being rejected as malformed. This can trigger a REQUIRE assertion failure when those records are subsequently cached. Intentional exploitation of this...

7.1CVSS7.4AI score0.5469EPSS
Exploits0References1
Amazon
Amazon
added 2015/02/25 12:0 a.m.60 views

Medium: postgresql93

Issue Overview: A stack-buffer overflow flaw was found in PostgreSQL's pgcrypto module. An authenticated database user could use this flaw to cause PostgreSQL to crash or, potentially, execute arbitrary code with the permissions of the user running PostgreSQL. CVE-2015-0243 A flaw was found in wa...

9.8CVSS9.2AI score0.05124EPSS
Exploits0
Amazon
Amazon
added 2015/01/22 12:0 a.m.60 views

Critical: java-1.7.0-openjdk

Issue Overview: A flaw was found in the way the Hotspot component in OpenJDK verified bytecode from the class files. An untrusted Java application or applet could possibly use this flaw to bypass Java sandbox restrictions. CVE-2014-6601 Multiple improper permission check issues were discovered in...

10CVSS7.1AI score0.99999EPSS
Exploits12References1
Amazon
Amazon
added 2014/05/21 12:0 a.m.60 views

Medium: tomcat6

Issue Overview: It was found that when Tomcat processed a series of HTTP requests in which at least one request contained either multiple content-length headers, or one content-length header with a chunked transfer-encoding header, Tomcat would incorrectly handle the request. A remote attacker...

7.5CVSS7.8AI score0.83175EPSS
Exploits12References1
Amazon
Amazon
added 2014/04/22 12:0 a.m.60 views

Medium: kernel

Issue Overview: The ip6routeadd function in net/ipv6/route.c in the Linux kernel through 3.13.6 does not properly count the addition of routes, which allows remote attackers to cause a denial of service memory consumption via a flood of ICMPv6 Router Advertisement packets. drivers/vhost/net.c in...

10CVSS7.3AI score0.10385EPSS
Exploits5
Amazon
Amazon
added 2012/02/02 12:0 a.m.60 views

Critical: php

Issue Overview: It was discovered that the fix for CVE-2011-4885 introduced an uninitialized memory use flaw. A remote attacker could send a specially-crafted HTTP request to cause the PHP interpreter to crash or, possibly, execute arbitrary code. Affected Packages: php Issue Correction: Run yum...

7.5CVSS10AI score0.83911EPSS
Exploits16References1
Amazon
Amazon
added 2024/02/05 12:0 a.m.59 views

Medium: python3-jinja2

Issue Overview: Jinja is an extensible templating engine. Special placeholders in the template allow writing code similar to Python syntax. It is possible to inject arbitrary HTML attributes into the rendered HTML template, potentially leading to Cross-Site Scripting XSS. The Jinja xmlattr filter...

6.1CVSS6.8AI score0.00892EPSS
Exploits0
Amazon
Amazon
added 2023/11/03 12:0 a.m.59 views

Important: docker

Issue Overview: http2/hpack: avoid quadratic complexity in hpack decoding CVE-2022-41723 Affected Packages: docker Issue Correction: Run yum update docker or yum update --advisory ALAS-2023-1881 to update your system. New Packages: src: docker-20.10.13-3.amzn1.src x8664: ...

7.5CVSS7.2AI score0.04561EPSS
Exploits0
Amazon
Amazon
added 2023/10/17 12:0 a.m.59 views

Important: tomcat8

Issue Overview: Incomplete Cleanup vulnerability in Apache Tomcat. When recycling various internal objects in Apache Tomcat from 11.0.0-M1 through 11.0.0-M11, from 10.1.0-M1 through 10.1.13, from 9.0.0-M1 through 9.0.80 and from 8.5.0 through 8.5.93, an error could cause Tomcat to skip some parts...

7.5CVSS7.6AI score0.99999EPSS
Exploits21
Amazon
Amazon
added 2023/08/21 12:0 a.m.59 views

Important: cni-plugins

Issue Overview: The HTTP/1 client does not fully validate the contents of the Host header. A maliciously crafted Host header can inject additional headers or entire requests. With fix, the HTTP/1 client now refuses to send requests containing an invalid Request.Host or Request.URL.Host value...

6.5CVSS7.1AI score0.01328EPSS
Exploits0
Amazon
Amazon
added 2023/08/21 12:0 a.m.59 views

Medium: amazon-cloudwatch-agent

Issue Overview: 2023-10-11: The severity level was changed from Important to Medium. Extremely large RSA keys in certificate chains can cause a client/server to expend significant CPU time verifying signatures. With fix, the size of RSA keys transmitted during handshakes is restricted to = 8192...

5.3CVSS7.2AI score0.01328EPSS
Exploits0
Amazon
Amazon
added 2023/06/07 12:0 a.m.59 views

Important: squid

Issue Overview: An issue was discovered in Squid before 4.9. URN response handling in Squid suffers from a heap-based buffer overflow. When receiving data from a remote server in response to an URN request, Squid fails to ensure that the response can fit within the buffer. This leads to attacker...

9.8CVSS7AI score0.20251EPSS
Exploits0
Amazon
Amazon
added 2023/05/02 12:0 a.m.59 views

Important: java-11-amazon-corretto

Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficul...

7.4CVSS6.4AI score0.02474EPSS
Exploits1
Amazon
Amazon
added 2022/12/06 12:0 a.m.59 views

Medium: curl

Issue Overview: A vulnerability was found in curl. The issue occurs when doing HTTPS transfers, where curl might erroneously use the read callback CURLOPTREADFUNCTION to ask for data to send, even when the CURLOPTPOSTFIELDS option has been set if it previously used the same handle to issue a PUT...

9.8CVSS7.1AI score0.04325EPSS
Exploits2
Amazon
Amazon
added 2021/12/23 12:0 a.m.59 views

Medium: aws-kinesis-agent

Issue Overview: A flaw was found in the Apache Log4j logging library 2.x. when the logging configuration uses a non-default Pattern Layout with a Context Lookup. Attackers with control over Thread Context Map MDC input data can craft malicious input data that contains a recursive lookup and can...

5.9CVSS8.1AI score0.99999EPSS
Exploits20
Amazon
Amazon
added 2021/07/13 12:0 a.m.59 views

Medium: httpd24

Issue Overview: A flaw was found in Apache httpd. The modproxywstunnel module tunnels non-upgraded connections. CVE-2019-17567 A flaw was found in HTTPd. In some Apache HTTP Server versions, unprivileged local users can stop HTTPd on Windows. The highest threat from this vulnerability is to syste...

9.8CVSS7AI score0.68067EPSS
Exploits0
Amazon
Amazon
added 2021/06/23 12:0 a.m.59 views

Important: postgresql

Issue Overview: A flaw was discovered in postgresql where arbitrary SQL statements can be executed given a suitable SECURITY DEFINER function. An attacker, with EXECUTE permission on the function, can execute arbitrary SQL as the owner of the function. CVE-2019-10208 A flaw was found in postgresq...

8.8CVSS7.4AI score0.4644EPSS
Exploits0
Amazon
Amazon
added 2021/01/15 12:0 a.m.59 views

Medium: ruby20

Issue Overview: An issue was discovered in Ruby through 2.5.8, 2.6.x through 2.6.6, and 2.7.x through 2.7.1. WEBrick, a simple HTTP server bundled with Ruby, had not checked the transfer-encoding header value rigorously. An attacker may potentially exploit this issue to bypass a reverse proxy whi...

7.5CVSS7.1AI score0.03772EPSS
Exploits0
Amazon
Amazon
added 2020/08/12 12:0 a.m.59 views

Important: libxml2

Issue Overview: A NULL pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEval function of libxml2 through 2.9.8 when parsing an invalid XPath expression in the XPATHOPAND or XPATHOPOR case. Applications processing untrusted XSL format inputs with the use of the libxml2 library...

8.8CVSS8.4AI score0.043EPSS
Exploits3
Amazon
Amazon
added 2020/07/16 12:0 a.m.59 views

Important: java-11-amazon-corretto

Issue Overview: Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 8u251, 11.0.7 and 14.0.1; Java SE Embedded: 8u251. Difficult to exploit vulnerability allows unauthenticated attacker with network acces...

8.3CVSS7.2AI score0.05166EPSS
Exploits0
Amazon
Amazon
added 2020/07/16 12:0 a.m.59 views

Medium: microcode_ctl

Issue Overview: A new domain bypass transient execution attack known as Special Register Buffer Data Sampling SRBDS has been found. This flaw allows data values from special internal registers to be leaked by an attacker able to execute code on any core of the CPU. An unprivileged, local attacker...

5.5CVSS7.2AI score0.00587EPSS
Exploits0
Amazon
Amazon
added 2020/05/06 12:0 a.m.59 views

Important: icu

Issue Overview: An issue was discovered in International Components for Unicode ICU for C/C++ through 66.1. An integer overflow, leading to a heap-based buffer overflow, exists in the UnicodeString::doAppend function in common/unistr.cpp. CVE-2020-10531 Affected Packages: icu Note: This advisory ...

8.8CVSS8.5AI score0.02669EPSS
Exploits0
Amazon
Amazon
added 2019/07/17 12:0 a.m.59 views

Medium: php54-pecl-imagick, php55-pecl-imagick, php56-pecl-imagick, php70-pecl-imagick, php71-pecl-imagick, php72-pecl-imagick

Issue Overview: In PHP imagick extension, writing to an array of values in ImagickKernel::fromMatrix function did not check that the address will be within the allocated array. This could lead to out of bounds write to memory if the function is called with the data controlled by untrusted party...

9.8CVSS7.6AI score0.01972EPSS
Exploits0
Amazon
Amazon
added 2018/06/08 12:0 a.m.59 views

Important: kernel

Issue Overview: An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load & Store instructions a commonly used performance optimization. It relies on the presence of a precisely-defined instruction sequence in the privileged code...

5.6CVSS7.5AI score0.60631EPSS
Exploits7
Amazon
Amazon
added 2018/05/10 12:0 a.m.59 views

Important: glibc

Issue Overview: Fragmentation attacks possible when EDNS0 is enabled The DNS stub resolver in the GNU C Library aka glibc or libc6 before version 2.26, when EDNS support is enabled, will solicit large UDP responses from name servers, potentially simplifying off-path DNS spoofing attacks due to IP...

9.8CVSS8.8AI score0.13614EPSS
Exploits12
Amazon
Amazon
added 2018/03/27 12:0 a.m.59 views

Important: php71

Issue Overview: Stack-based buffer under-read in ext/standard/httpfopenwrapper.c:phpstreamurlwraphttpex function when parsing HTTP response allows denial of service: In PHP through 5.6.33, 7.0.x before 7.0.28, 7.1.x through 7.1.14, and 7.2.x through 7.2.2, there is a stack-based buffer under-read...

9.8CVSS9AI score0.87883EPSS
Exploits3
Amazon
Amazon
added 2016/07/20 12:0 a.m.59 views

Important: httpd24, httpd

Issue Overview: It was discovered that httpd used the value of the Proxy header from HTTP requests to initialize the HTTPPROXY environment variable for CGI scripts, which in turn was incorrectly used by certain HTTP client implementations to configure the proxy for outgoing HTTP requests. A remot...

8.1CVSS7.3AI score0.55724EPSS
Exploits0
Amazon
Amazon
added 2016/04/27 12:0 a.m.59 views

Medium: kernel

Issue Overview: An integer overflow vulnerability was found in xtalloctableinfo, which on 32-bit systems can lead to small structure allocation and a copyfromuser based heap corruption. CVE-2016-3135 In the marksourcechains function net/ipv4/netfilter/iptables.c it is possible for a user-supplied...

10CVSS7.7AI score0.24299EPSS
Exploits13
Amazon
Amazon
added 2016/04/21 12:0 a.m.59 views

Medium: foomatic

Issue Overview: It was discovered that foomatic-rip failed to remove all shell special characters from inputs used to construct command lines for external programs run by the filter. An attacker could possibly use this flaw to execute arbitrary commands. CVE-2015-8560 It was discovered that the...

9.8CVSS8.5AI score0.05483EPSS
Exploits0
Amazon
Amazon
added 2016/03/22 12:0 a.m.59 views

Low: nmap

Issue Overview: The http-domino-enum-passwords.nse script in NMap before 6.40, when domino-enum-passwords.idpath is set, allows remote servers to upload arbitrarily named files via a crafted FullName parameter in a response, as demonstrated using directory traversal sequences. Affected Packages:...

6.8CVSS6.9AI score0.07217EPSS
Exploits2
Amazon
Amazon
added 2016/03/16 12:0 a.m.59 views

Medium: kernel

Issue Overview: When running as a Xen 64-bit PV guest, user mode processes not supposed to be able to access I/O ports may be granted such permission, potentially resulting in one or more of in-guest privilege escalation, guest crashes Denial of Service, or in-guest information leaks. CVE-2016-31...

7.8CVSS7.1AI score0.00561EPSS
Exploits0
Total number of security vulnerabilities5000