Lucene search
K
AmazonMost viewed

8850 matches found

Amazon
Amazon
added 2019/10/31 12:0 a.m.368 views

Critical: php71, php72, php73, php56

Issue Overview: In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code...

9.8CVSS8.5AI score0.9947EPSS
Exploits54
Amazon
Amazon
added 2019/01/09 12:0 a.m.365 views

Medium: kernel

Issue Overview: The USB subsystem mishandles size checks during the reading of an extra descriptor, related to usbgetextradescriptor in drivers/usb/core/usb.c.CVE-2018-20169 A flaw was found where an attacker may be able to have an uncontrolled read to kernel-memory from within a vm guest. A race...

7.2CVSS6.8AI score0.00586EPSS
Exploits0
Amazon
Amazon
added 2022/04/19 12:0 a.m.359 views

Important: log4j-cve-2021-44228-hotpatch

Issue Overview: The Apache Log4j hotpatch package starting with log4j-cve-2021-44228-hotpatch-1.1-16 will now explicitly mimic the Linux capabilities and cgroups of the target Java process that the hotpatch is applied to. In order to mimic the Linux capabilities of the target process, Amazon Linu...

10CVSS8.5AI score0.99999EPSS
Exploits348
Amazon
Amazon
added 2019/01/09 12:0 a.m.339 views

Medium: php56, php70, php71, php72

Issue Overview: ext/imap/phpimap.c in PHP 5.x and 7.x before 7.3.0 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via an empty string in the message argument to the imapmail function.CVE-2018-19935 University of Washington IMAP Toolkit 2007f on...

8.5CVSS8.4AI score0.9523EPSS
Exploits6
Amazon
Amazon
added 2014/07/09 12:0 a.m.328 views

Medium: kernel

Issue Overview: arch/x86/kernel/entry32.S in the Linux kernel through 3.15.1 on 32-bit x86 platforms, when syscall auditing is enabled and the sep CPU feature flag is set, allows local users to cause a denial of service OOPS and system crash via an invalid syscall number, as demonstrated by numbe...

7.5CVSS6.5AI score0.05421EPSS
Exploits4
Amazon
Amazon
added 2018/12/20 12:0 a.m.315 views

Medium: python34, python36

Issue Overview: Python's elementtree C accelerator failed to initialise Expat's hash salt during initialization. This could make it easy to conduct denial of service attacks against Expat by contructing an XML document that would cause pathological hash collisions in Expat's internal data...

7.5CVSS7.1AI score0.10911EPSS
Exploits0
Amazon
Amazon
added 2021/12/18 12:0 a.m.310 views

Critical: java-1.8.0-openjdk, java-1.7.0-openjdk, java-1.6.0-openjdk

Issue Overview: No versions of an Amazon Linux Java Virtual Machine JVM are affected by CVE-2021-44228 or CVE-2021-45046. However, if customers load a log4j version that is affected by CVE-2021-44228 or CVE-2021-45046 into an Amazon Linux JVM, it will introduce the issues identified in...

10CVSS8.9AI score0.99999EPSS
Exploits349
Amazon
Amazon
added 2019/06/13 12:0 a.m.296 views

Critical: kernel

Issue Overview: CVE-2019-11477, CVE-2019-11478 and CVE-2019-11479 describe vulnerabilities in the Linux kernel that can be remotely exploited using a specially crafted TCP connection, crashing the targeted system. The latest Amazon Linux AMIs as available in AWS EC2 already contain these kernels...

7.8CVSS7AI score0.98745EPSS
Exploits4
Amazon
Amazon
added 2019/08/23 12:0 a.m.287 views

Important: golang

Issue Overview: net/url in Go before 1.11.13 and 1.12.x before 1.12.8 mishandles malformed hosts in URLs, leading to an authorization bypass in some applications. This is related to a Host field with a suffix appearing in neither Hostname nor Port, and is related to a non-numeric port number. For...

9.8CVSS8.3AI score0.83433EPSS
Exploits2
Amazon
Amazon
added 2015/10/20 12:0 a.m.281 views

Medium: php56

Issue Overview: As reported upstream https://bugs.php.net/bug.php?id=69720, A NULL pointer dereference flaw was found in the way PHP's Phar extension parsed Phar archives. A specially crafted archive could cause PHP to crash. CVE-2015-7803 A flaw was discovered in the way PHP performed object...

9.8CVSS9.1AI score0.46801EPSS
Exploits7
Amazon
Amazon
added 2019/05/29 12:0 a.m.279 views

Important: kernel

Issue Overview: A flaw was found in the Linux kernel's freescale hypervisor manager implementation. A parameter passed via to an ioctl was incorrectly validated and used in size calculations for the page size calculation. An attacker can use this flaw to crash the system or corrupt memory or,...

8.3CVSS7.1AI score0.03844EPSS
Exploits2
Amazon
Amazon
added 2016/07/14 12:0 a.m.278 views

Important: libxml2

Issue Overview: A heap-based buffer overflow flaw was found in the way libxml2 parsed certain crafted XML input. A remote attacker could provide a specially crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or execute arbitrary code...

10CVSS8.4AI score0.1398EPSS
Exploits11
Amazon
Amazon
added 2020/09/04 12:0 a.m.276 views

Important: kernel

Issue Overview: An issue has been reported in the Linux kernel's handling of raw sockets. This issue can be used locally to cause denial of service or local privilege escalation from unprivileged processes or from containers with the CAPNETRAW capability enabled. See Also:...

7.8CVSS6.8AI score0.01319EPSS
Exploits1
Amazon
Amazon
added 2019/06/05 12:0 a.m.268 views

Critical: exim

Issue Overview: A flaw was found in Exim versions 4.87 to 4.91 before release 1.20 inclusive. Improper validation of recipient address in delivermessage function in /src/deliver.c may lead to remote command execution. CVE-2019-10149 Affected Packages: exim Issue Correction: Run yum update exim or...

10CVSS9.8AI score0.99961EPSS
Exploits27
Amazon
Amazon
added 2019/05/29 12:0 a.m.268 views

Important: python36

Issue Overview: Python is affected by improper Handling of Unicode Encoding with an incorrect netloc during NFKC normalization. The impact is: Information disclosure credentials, cookies, etc. that are cached against a given hostname. The components are: urllib.parse.urlsplit,...

9.8CVSS8.2AI score0.08811EPSS
Exploits2
Amazon
Amazon
added 2020/02/04 12:0 a.m.266 views

Important: kernel

Issue Overview: A flaw was found in the Linux kernel. The cryptoreport function mishandles resource cleanup on error. A local attacker able to induce the error conditions could use this flaw to crash the system. The highest threat from this vulnerability is to system availability. CVE-2019-19062 ...

6.1CVSS6.3AI score0.00679EPSS
Exploits2
Amazon
Amazon
added 2019/01/09 12:0 a.m.266 views

Low: clamav

Issue Overview: An issue was discovered in kwajdreadheaders in mspack/kwajd.c in libmspack before 0.7alpha. Bad KWAJ file header extensions could cause a one or two byte overwrite.CVE-2018-14681 An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. There is an off-by-one error in...

8.8CVSS7.2AI score0.03806EPSS
Exploits0
Amazon
Amazon
added 2013/10/23 12:0 a.m.258 views

Critical: java-1.7.0-openjdk

Issue Overview: Multiple input checking flaws were found in the 2D component native image parsing code. A specially crafted image file could trigger a Java Virtual Machine memory corruption and, possibly, lead to arbitrary code execution with the privileges of the user running the Java Virtual...

10CVSS9AI score0.24738EPSS
Exploits0References1
Amazon
Amazon
added 2019/03/07 12:0 a.m.255 views

Important: kernel

Issue Overview: In the Linux kernel afalgrelease in crypto/afalg.c neglects to set a NULL value for a certain structure member, which leads to a use-after-free UAF in sockfssetattr. A local attacker can use this flaw to escalate privileges and take control of the system. CVE-2019-8912 Affected...

7.8CVSS7.8AI score0.00651EPSS
Exploits0
Amazon
Amazon
added 2019/09/30 12:0 a.m.249 views

Important: nginx

Issue Overview: Some HTTP/2 implementations are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service. The attacker requests a large amount of data from a specified resource over multiple streams. They manipulate window size and...

7.8CVSS7.7AI score0.82017EPSS
Exploits0
Amazon
Amazon
added 2019/09/30 12:0 a.m.248 views

Medium: oniguruma

Issue Overview: A use-after-free in onignewdeluxe in regext.c in Oniguruma 6.9.2 allows attackers to potentially cause information disclosure, denial of service, or possibly code execution by providing a crafted regular expression. The attacker provides a pair of a regex pattern and a string, wit...

9.8CVSS7.8AI score0.04047EPSS
Exploits0
Amazon
Amazon
added 2019/09/30 12:0 a.m.246 views

Medium: mysql57

Issue Overview: A stack-based buffer overflow vulnerability in the 'Server: Packaging cURL' subcomponent could allow an unauthenticated attacker to gain complete control of an affected instance of MySQL Server. CVE-2019-3822 Vulnerability in the MySQL Server component of Oracle MySQL subcomponent...

9.8CVSS7.3AI score0.12771EPSS
Exploits1
Amazon
Amazon
added 2019/02/07 12:0 a.m.244 views

Medium: curl

Issue Overview: setfilemetadata in xattr.c in GNU Wget stores a file's origin URL in the user.xdg.origin.url metadata attribute of the extended attributes of the downloaded file, which allows local users to obtain sensitive information e.g., credentials contained in the URL by reading this...

9.8CVSS9AI score0.06433EPSS
Exploits2
Amazon
Amazon
added 2019/06/11 12:0 a.m.243 views

Low: php71, php72, php73

Issue Overview: When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.28, 7.2.x below 7.2.17 and 7.3.x below 7.3.4 can be caused to read past allocated buffer in exifiifaddvalue function. This may lead to information disclosure or crash. CVE-2019-11035 When processing...

9.1CVSS6.7AI score0.07031EPSS
Exploits1
Amazon
Amazon
added 2019/02/08 12:0 a.m.241 views

Important: docker

Issue Overview: A vulnerability was discovered in runc, which is used by Docker to run containers. runc did not prevent container processes from modifying the runc binary via /proc/self/exe. A malicious container could replace the runc binary, resulting in container escape and privilege escalatio...

9.3CVSS7.6AI score0.9857EPSS
Exploits33
Amazon
Amazon
added 2019/09/30 12:0 a.m.239 views

Important: nghttp2

Issue Overview: Some HTTP/2 implementations are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service. The attacker requests a large amount of data from a specified resource over multiple streams. They manipulate window size and...

7.8CVSS8.2AI score0.82017EPSS
Exploits0
Amazon
Amazon
added 2023/02/21 12:0 a.m.238 views

Medium: java-1.8.0-openjdk

Issue Overview: Improve CORBA communication: CORBA deserialization can result in outbound network connections with data passed in. CVE-2023-21830 Affected Packages: java-1.8.0-openjdk Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the differenc...

5.3CVSS6.8AI score0.01058EPSS
Exploits0
Amazon
Amazon
added 2019/03/20 12:0 a.m.238 views

Important: kernel

Issue Overview: A kernel memory leak was found in the kernelreadfile function in the fs/exec.c file in the Linux kernel. An attacker could use this flaw to cause a memory leak and thus a denial of service DoS. CVE-2019-8980 A flaw was found in mmap in the Linux kernel allowing the process to map ...

7.8CVSS6.4AI score0.05845EPSS
Exploits6
Amazon
Amazon
added 2022/04/07 12:0 a.m.236 views

Important: zlib

Issue Overview: An out-of-bounds access flaw was found in zlib, which allows memory corruption when deflating ex: when compressing if the input has many distant matches. For some rare inputs with a large number of distant matches crafted payloads, the buffer into which the compressed or deflated...

7.5CVSS7.5AI score0.51733EPSS
Exploits1
Amazon
Amazon
added 2019/06/11 12:0 a.m.235 views

Low: python-urllib3

Issue Overview: urllib3 before version 1.23 does not remove the Authorization HTTP header when following a cross-origin redirect i.e., a redirect that differs in host, port, or scheme. This can allow for credentials in the Authorization header to be exposed to unintended hosts or transmitted in...

9.8CVSS8.3AI score0.04488EPSS
Exploits0
Amazon
Amazon
added 2020/04/23 12:0 a.m.231 views

Medium: runc

Issue Overview: runc through 1.0.0-rc9 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfslinux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. This...

7CVSS6.8AI score0.00457EPSS
Exploits0
Amazon
Amazon
added 2019/09/25 12:0 a.m.228 views

Important: kernel

Issue Overview: An out-of-bounds access issue was found in the way Linux kernel's KVM hypervisor implements the Coalesced MMIO write operation. It operates on an MMIO ring buffer 'struct kvmcoalescedmmio' object, wherein write indices 'ring-first' and 'ring-last' value could be supplied by a host...

8.8CVSS7.9AI score0.00763EPSS
Exploits1
Amazon
Amazon
added 2019/03/06 12:0 a.m.228 views

Important: httpd24

Issue Overview: In Apache HTTP server by sending request bodies in a slow loris way to plain resources, the h2 stream for that request unnecessarily occupied a server thread cleaning up that incoming data. This affects only HTTP/2 modhttp2 connections. CVE-2018-17189 A bug exists in the way modss...

7.5CVSS6.8AI score0.59942EPSS
Exploits0
Amazon
Amazon
added 2019/09/30 12:0 a.m.227 views

Medium: curl

Issue Overview: Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3. CVE-2019-5482 Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3. CVE-2019-5481 Affected Packages: curl Issue Correction: Run yum update curl or yum update --advisory ALAS-2019-129...

9.8CVSS7.1AI score0.17939EPSS
Exploits0
Amazon
Amazon
added 2019/10/28 12:0 a.m.226 views

Medium: openssh

Issue Overview: An issue was discovered in OpenSSH 7.9. Due to missing character encoding in the progress display, a malicious server or Man-in-The-Middle attacker can employ crafted object names to manipulate the client output, e.g., by using ANSI control codes to hide additional files being...

6.8CVSS7.6AI score0.58204EPSS
Exploits9
Amazon
Amazon
added 2019/06/11 12:0 a.m.221 views

Important: python-jinja2

Issue Overview: In Pallets Jinja, str.format allows a sandbox escape. CVE-2016-10745 Affected Packages: python-jinja2 Issue Correction: Run yum update python-jinja2 or yum update --advisory ALAS-2019-1223 to update your system. New Packages: noarch: python26-jinja2-2.7.2-3.16.amzn1.noarch ...

8.6CVSS8.9AI score0.03492EPSS
Exploits0
Amazon
Amazon
added 2018/12/06 12:0 a.m.212 views

Important: ruby23, ruby24

Issue Overview: An issue was discovered in the OpenSSL library in Ruby before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.2, and 2.6.x before 2.6.0-preview3. When two OpenSSL::X509::Name objects are compared using ==, depending on the ordering, non-equal objects may return true. When the first...

9.8CVSS9.1AI score0.10715EPSS
Exploits0
Amazon
Amazon
added 2019/04/05 12:0 a.m.211 views

Important: httpd24

Issue Overview: In Apache HTTP Server with MPM event, worker or prefork, code executing in less-privileged child processes or threads including scripts executed by an in-process scripting interpreter could execute arbitrary code with the privileges of the parent process usually root by manipulati...

7.8CVSS7.7AI score0.65005EPSS
Exploits8
Amazon
Amazon
added 2019/05/16 12:0 a.m.207 views

Important: clamav

Issue Overview: An out-of-bounds heap read condition may occur when scanning PDF documents. The defect is a failure to correctly keep track of the number of bytes remaining in a buffer when indexing file data. CVE-2019-1787 An out-of-bounds heap read condition may occur when scanning PE files i.e...

7.5CVSS7.2AI score0.01839EPSS
Exploits2
Amazon
Amazon
added 2020/09/16 12:0 a.m.203 views

Important: java-1.8.0-openjdk

Issue Overview: Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u261 and 8u251; Java SE Embedded: 8u251. Difficult to exploit vulnerability allows unauthenticated attacker with network access via...

8.3CVSS7.2AI score0.04315EPSS
Exploits0
Amazon
Amazon
added 2019/11/19 12:0 a.m.200 views

Important: kernel

Issue Overview: A flaw was found in the way Intel CPUs handle inconsistency between, virtual to physical memory address translations in CPU's local cache and system software's Paging structure entries. A privileged guest user may use this flaw to induce a hardware Machine Check Error on the host...

6.5CVSS7.2AI score0.00915EPSS
Exploits0
Amazon
Amazon
added 2019/09/30 12:0 a.m.199 views

Medium: mysql56

Issue Overview: Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Security: Privileges. Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with logon to...

6.5CVSS6.3AI score0.03972EPSS
Exploits0
Amazon
Amazon
added 2019/07/17 12:0 a.m.198 views

Important: kernel

Issue Overview: An infinite loop issue was found in the vhostnet kernel module while handling incoming packets in handlerx. The infinite loop could occur if one end sends packets faster than the other end can process them. A guest user, maybe a remote one, could use this flaw to stall the vhostne...

7.8CVSS7AI score0.52199EPSS
Exploits24
Amazon
Amazon
added 2019/05/02 12:0 a.m.196 views

Important: python34

Issue Overview: Python is affected by improper Handling of Unicode Encoding with an incorrect netloc during NFKC normalization. The impact is information disclosure credentials, cookies, etc. that are cached against a given hostname. The components are: urllib.parse.urlsplit, urllib.parse.urlpars...

9.8CVSS8.2AI score0.08811EPSS
Exploits1
Amazon
Amazon
added 2020/03/16 12:0 a.m.195 views

Important: java-1.7.0-openjdk

Issue Overview: Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Networking. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network...

8.1CVSS7.6AI score0.04903EPSS
Exploits0
Amazon
Amazon
added 2019/02/26 12:0 a.m.189 views

Important: kernel

Issue Overview: A use-after-free vulnerability was found in the way the Linux kernel's KVM hypervisor emulates a preemption timer for L2 guests when nested =1 virtualization is enabled. This high resolution timerhrtimer runs when a L2 guest is active. After VM exit, the syncvmcs12 timer object is...

8.1CVSS6.6AI score0.16523EPSS
Exploits4
Amazon
Amazon
added 2019/04/17 12:0 a.m.188 views

Medium: fuse

Issue Overview: A vulnerability was discovered in fuse. When SELinux is active, fusermount is vulnerable to a restriction bypass. This allows non-root users to mount a FUSE file system with the 'allowother' mount option regardless of whether 'userallowother' is set in the fuse configuration. An...

7.8CVSS7AI score0.01414EPSS
Exploits3
Amazon
Amazon
added 2019/03/07 12:0 a.m.187 views

Medium: golang

Issue Overview: Go mishandles P-521 and P-384 elliptic curves, which allows attackers to cause a denial of service CPU consumption or possibly conduct ECDH private key recovery attacks. CVE-2019-6486 Affected Packages: golang Issue Correction: Run yum update golang or yum update --advisory...

8.2CVSS8.5AI score0.04326EPSS
Exploits0
Amazon
Amazon
added 2019/09/30 12:0 a.m.186 views

Medium: mod24_auth_openidc

Issue Overview: A text injection flaw was found in how modauthopenidc handled error pages. An attacker could potentially use this flaw to conduct content spoofing and phishing attacks by tricking users into opening specially crafted URLs. CVE-2017-6059 It was found that modauthopenidc did not...

8.6CVSS7.4AI score0.05177EPSS
Exploits0
Amazon
Amazon
added 2019/09/13 12:0 a.m.184 views

Low: php71, php73

Issue Overview: When PHP EXIF extension is parsing EXIF information from an image, e.g. via exifreaddata function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead...

9.8CVSS7.7AI score0.0442EPSS
Exploits2
Total number of security vulnerabilities5000