8850 matches found

Amazon | added 2023/07/19 12:00 a.m. | 57 views

Low: libcap

Issue Overview: libcap is vulnerable to a denial of service caused by the error handling in the __wrap_pthread_create function, which will cause memory to be leaked in the case of an error. CVE-2023-2602 Affected Packages: libcap Note: This advisory is applicable to Amazon Linux 2 (AL2) Core repository...

CVSS 3.3 | AI score 6.6 | EPSS 0.0035 | Exploits 1

Amazon | added 2023/03/06 12:00 a.m. | 57 views

Medium: openssl11

Issue Overview: AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimized implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn't written. In the special case of "in...

CVSS 5.3 | AI score 6.9 | EPSS 0.02024 | Exploits 0

Amazon | added 2023/02/21 12:00 a.m. | 57 views

Important: python-lxml

Issue Overview: Incomplete blacklist vulnerability in the lxml.html.clean module in lxml before 3.3.5 allows remote attackers to conduct cross-site scripting (XSS) attacks via control characters in the link scheme to the clean_html function. CVE-2014-3146 An issue was discovered in lxml before 4.2.5...

CVSS 8.2 | AI score 6.5 | EPSS 0.06333 | Exploits 2

Amazon | added 2022/04/07 12:00 a.m. | 57 views

Medium: glibc

Issue Overview: A stack based buffer-overflow vulnerability was found in the deprecated compatibility function svcunix_create in the sunrpc's svc_unix.c module of the GNU C Library (aka glibc) through 2.34. This vulnerability copies its path argument onto the stack without validating its length, whic...

CVSS 9.8 | AI score 8.7 | EPSS 0.04729 | Exploits 2

Amazon | added 2021/11/04 12:00 a.m. | 57 views

Important: kernel

Issue Overview: A flaw was found in the Linux kernel. A corrupted timer tree caused the task wakeup to be missing in the timerqueue_add function in lib/timerqueue.c. This flaw allows a local attacker with special user privileges to cause a denial of service, slowing and eventually stopping the...

CVSS 7.8 | AI score 7.5 | EPSS 0.00578 | Exploits 2

Amazon | added 2021/08/05 12:00 a.m. | 57 views

Medium: golang

Issue Overview: A vulnerability was found in archive/zip of the Go standard library. Applications written in Go can panic or potentially exhaust system memory when parsing malformed ZIP files. CVE-2021-33196 A flaw was found in golang. A panic can be triggered by an attacker in a privileged netwo...

CVSS 7.5 | AI score 6.7 | EPSS 0.07032 | Exploits 2

Amazon | added 2021/07/13 12:00 a.m. | 57 views

Medium: kernel

Issue Overview: A denial-of-service (DoS) flaw was identified in the Linux kernel due to an incorrect memory barrier in xt_replace_table in net/netfilter/x_tables.c in the netfilter subsystem. CVE-2021-29650 A flaw was found in kernel/bpf/verifier.c in BPF in the Linux kernel. An incorrect limit is...

CVSS 7.8 | AI score 6.3 | EPSS 0.00417 | Exploits 0

Amazon | added 2021/06/23 12:00 a.m. | 57 views

Low: samba

Issue Overview: No CVE associated with this advisory Affected Packages: samba Note: This advisory is applicable to Amazon Linux 2 (AL2) Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories. Issue Correction: Run yum update samba or yum update...

CVSS 10 | AI score 8.6 | EPSS 0.99512 | Exploits 75

Amazon | added 2019/10/21 12:00 a.m. | 57 views

Medium: http-parser

Issue Overview: Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Denial of Service with large HTTP headers: By using a combination of many requests with maximum sized headers almost 80 KB per connection, and carefully timed completion of the headers, it is possible to...

CVSS 7.5 | AI score 8 | EPSS 0.10207 | Exploits 0

Amazon | added 2019/06/11 12:00 a.m. | 57 views

Critical: thunderbird

Issue Overview: Mozilla: Buffer overflow in WebGL bufferdata on Linux CVE-2019-11693 Mozilla: Use-after-free in XMLHttpRequest CVE-2019-11691 Cross-origin images can be read in violation of the same-origin policy by exporting an image after using createImageBitmap to read the image and then...

CVSS 9.8 | AI score 8 | EPSS 0.09393 | Exploits 3

Amazon | added 2019/05/16 12:00 a.m. | 57 views

Important: java-1.7.0-openjdk

Issue Overview: Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Libraries. Supported versions that are affected are Java SE: 7u211, 8u202, 11.0.2 and 12; Java SE Embedded: 8u201. Easily exploitable vulnerability allows unauthenticated attacker with network...

CVSS 8.1 | AI score 7.4 | EPSS 0.37618 | Exploits 1

Amazon | added 2019/03/07 12:00 a.m. | 57 views

Important: kernel

Issue Overview: In the Linux kernel af_alg_release in crypto/af_alg.c neglects to set a NULL value for a certain structure member, which leads to a use-after-free (UAF) in sockfs_setattr. A local attacker can use this flaw to escalate privileges and take control of the system. CVE-2019-8912 Affected...

CVSS 7.8 | AI score 7.8 | EPSS 0.00651 | Exploits 0

Amazon | added 2018/10/25 12:00 a.m. | 57 views

Critical: java-1.8.0-openjdk

Issue Overview: Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Networking. Supported versions that are affected are Java SE: 6u201, 7u191, 8u182 and 11; Java SE Embedded: 8u181. Difficult to exploit vulnerability allows unauthenticated attacker with netwo...

CVSS 9 | AI score 7.1 | EPSS 0.07215 | Exploits 2

Amazon | added 2018/04/26 12:00 a.m. | 57 views

Critical: java-1.8.0-openjdk

Issue Overview: Unbounded memory allocation during deserialization in Container AWT, 8189989 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: AWT. Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161...

CVSS 8.3 | AI score 5.3 | EPSS 0.15141 | Exploits 0

Amazon | added 2018/01/11 12:00 a.m. | 57 views

Critical: kernel

Issue Overview: An updated kernel release for Amazon Linux has been made available which prevents speculative execution of indirect branches within the kernel. This release incorporates latest stable open source Linux security improvements to address CVE-2017-5715 within the kernel and builds upo...

CVSS 5.6 | AI score 7.5 | EPSS 0.84172 | Exploits 9

Amazon | added 2017/12/20 12:00 a.m. | 57 views

Medium: qemu-kvm

Issue Overview: Quick Emulator (QEMU), compiled with the PC System Emulator with multiboot feature support, is vulnerable to an OOB r/w memory access issue. The issue could occur due to an integer overflow while loading a kernel image during a guest boot. A user or process could use this flaw to...

CVSS 8.8 | AI score 8.3 | EPSS 0.00603 | Exploits 0

Amazon | added 2016/08/01 12:00 a.m. | 57 views

Medium: ntp

Issue Overview: It was discovered that ntpq and ntpdc disclosed the origin timestamp to unauthenticated clients, which could permit such clients to forge the server's replies. CVE-2015-8139 The process_packet function in ntp_proto.c in ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause...

CVSS 7.5 | AI score 7 | EPSS 0.16351 | Exploits 3

Amazon | added 2016/06/02 12:00 a.m. | 57 views

Low: kernel

Issue Overview: The get_rock_ridge_filename function in fs/isofs/rock.c in the Linux kernel before 4.5.5 mishandles NM (aka alternate name) entries containing \0 characters, which allows local users to obtain sensitive information from kernel memory or possibly have unspecified other impact via a...

CVSS 7.8 | AI score 6.7 | EPSS 0.00512 | Exploits 0

Amazon | added 2016/04/21 12:00 a.m. | 57 views

Critical: java-1.8.0-openjdk

Issue Overview: It was discovered that the ObjectInputStream class in the Serialization component of OpenJDK failed to properly ensure thread consistency when deserializing serialized input. An untrusted Java application or applet could use this flaw to bypass Java sandbox restrictions...

CVSS 10 | AI score 8.9 | EPSS 0.92334 | Exploits 1

Amazon | added 2016/04/13 12:00 a.m. | 57 views

Medium: php56, php55

Issue Overview: A stack overflow vulnerability was reported that may occur when decompressing tar archives due to phar_tar_writeheaders potentially copying non-terminated linknames from entries parsed by phar_parse_tarfile. Affected Packages: php56, php55 Issue Correction: Run yum update php56 or yum...

CVSS 10 | AI score 9.1 | EPSS 0.10997 | Exploits 1

Amazon | added 2016/03/10 12:00 a.m. | 57 views

Critical: nss-util

Issue Overview: A heap-based buffer overflow flaw was found in the way NSS parsed certain ASN.1 structures. An attacker could use this flaw to create a specially crafted certificate which, when parsed by NSS, could cause it to crash, or execute arbitrary code, using the permissions of the user...

CVSS 8.8 | AI score 10 | EPSS 0.04192 | Exploits 0

Amazon | added 2015/10/27 12:00 a.m. | 57 views

Important: libwmf

Issue Overview: It was discovered that libwmf did not correctly process certain WMF (Windows Metafiles) with embedded BMP images. By tricking a victim into opening a specially crafted WMF file in an application using libwmf, a remote attacker could possibly use this flaw to execute arbitrary code...

CVSS 9.3 | AI score 7.7 | EPSS 0.13311 | Exploits 4 | References 1

Amazon | added 2015/04/23 12:00 a.m. | 57 views

Important: java-1.6.0-openjdk

Issue Overview: An off-by-one flaw, leading to a buffer overflow, was found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could possibly cause the Java Virtual Machine to execute arbitrary code, allowing an untrusted Java application or applet to bypass Ja...

CVSS 10 | AI score 6.2 | EPSS 0.07224 | Exploits 1 | References 1

Amazon | added 2015/01/08 12:00 a.m. | 57 views

Medium: glibc

Issue Overview: An out-of-bounds read flaw was found in the way glibc's iconv function converted certain encoded data to UTF-8. An attacker able to make an application call the iconv function with a specially crafted argument could use this flaw to crash that application. CVE-2014-6040 It was fou...

CVSS 5 | AI score 9.2 | EPSS 0.06564 | Exploits 1 | References 1

Amazon | added 2014/12/11 12:00 a.m. | 57 views

Medium: php-ZendFramework

Issue Overview: The (1) Zend_Ldap class in Zend before 1.12.9 and (2) Zend\Ldap component in Zend 2.x before 2.2.8 and 2.3.x before 2.3.3 allows remote attackers to bypass authentication via a password starting with a null byte, which triggers an unauthenticated bind. CVE-2014-8088 The 1.12.9, 2.2.8,...

CVSS 9.8 | AI score 10 | EPSS 0.0255 | Exploits 1

Amazon | added 2014/07/23 12:00 a.m. | 57 views

Critical: nss

Issue Overview: Use-after-free vulnerability in the CERT_DestroyCertificate function in libnss3.so in Mozilla Network Security Services (NSS) 3.x, as used in Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7, allows remote attackers to execute arbitrary code via vectors...

CVSS 10 | AI score 8.8 | EPSS 0.06109 | Exploits 0

Amazon | added 2013/12/11 12:00 a.m. | 57 views

Low: kernel

Issue Overview: Multiple buffer underflows in the XFS implementation in the Linux kernel through 3.12.1 allow local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging the CAP_SYS_ADMIN capability for a (1) XFS_IOC_ATTRLIST_BY_HANDLE or (2)...

CVSS 4 | AI score 6.8 | EPSS 0.00575 | Exploits 1

Amazon | added 2012/10/23 12:00 a.m. | 57 views

Important: java-1.7.0-openjdk

Issue Overview: Multiple improper permission check issues were discovered in the Beans, Swing, and JMX components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. CVE-2012-5086, CVE-2012-5084, CVE-2012-5089 Multiple improper permission...

CVSS 10 | AI score 9.2 | EPSS 0.45113 | Exploits 1 | References 1

Amazon | added 2012/09/10 12:00 a.m. | 57 views

Medium: kernel

Issue Overview: The Netlink implementation in the Linux kernel before 3.2.30 does not properly handle messages that lack SCM_CREDENTIALS data, which might allow local users to spoof Netlink communication via a crafted message, as demonstrated by a message to (1) Avahi or (2) NetworkManager. Affected...

CVSS 1.9 | AI score 7.6 | EPSS 0.00429 | Exploits 2

Amazon | added 2024/11/01 12:00 a.m. | 56 views

Medium: java-17-amazon-corretto

Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Networking. Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4, 23; Oracle GraalVM for JDK: 17.0.12...

CVSS 4.8 | AI score 5.4 | EPSS 0.01157 | Exploits 0

Amazon | added 2024/06/24 12:00 a.m. | 56 views

Important: kernel

Issue Overview: An issue was discovered in arch/x86/kvm/vmx/nested.c in the Linux kernel before 6.2.8. nVMX on x86_64 lacks consistency checks for CR0 and CR4. CVE-2023-30456 In the Linux kernel, the following vulnerability has been resolved: net: bridge: use DEV_STATS_INC CVE-2023-52578 In the Linu...

CVSS 9.1 | AI score 7.6 | EPSS 0.01401 | Exploits 1

Amazon | added 2024/01/09 12:00 a.m. | 56 views

Important: kernel

Issue Overview: A use-after-free flaw was found in qdisc_graft in net/sched/sch_api.c in the Linux Kernel due to a race problem. This flaw leads to a denial of service issue. CVE-2023-0590 When a router encounters an IPv6 packet too big to transmit to the next-hop, it returns an ICMP6 "Packet Too...

CVSS 7.8 | AI score 6.4 | EPSS 0.0094 | Exploits 0

Amazon | added 2023/11/01 12:00 a.m. | 56 views

Important: cni-plugins

Issue Overview: The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. CVE-2023-39325 Affected Packages: cni-plugins Note: This advisory is applicable to Amazo...

CVSS 7.5 | AI score 6.9 | EPSS 0.03796 | Exploits 0

Amazon | added 2023/10/11 12:00 a.m. | 56 views

Important: curl

Issue Overview: An issue was found in curl that can cause a buffer overflow in its SOCKS5 proxy communications code. When curl is using a SOCKS5 proxy and it needs to resolve a hostname to an IP address, its default behavior is to pass the hostname to the proxy and allow it to perform the...

CVSS 9.8 | AI score 7.7 | EPSS 0.78483 | Exploits 6

Amazon | added 2023/08/21 12:00 a.m. | 57 views

Medium: nerdctl

Issue Overview: 2023-10-11: The severity level was changed from Important to Medium. Extremely large RSA keys in certificate chains can cause a client/server to expend significant CPU time verifying signatures. With fix, the size of RSA keys transmitted during handshakes is restricted to <= 8192...

CVSS 5.3 | AI score 7.2 | EPSS 0.01328 | Exploits 0

Amazon | added 2023/08/07 12:00 a.m. | 56 views

Important: golang

Issue Overview: The HTTP/1 client does not fully validate the contents of the Host header. A maliciously crafted Host header can inject additional headers or entire requests. With fix, the HTTP/1 client now refuses to send requests containing an invalid Request.Host or Request.URL.Host value...

CVSS 6.5 | AI score 7.1 | EPSS 0.0125 | Exploits 0

Amazon | added 2023/08/07 12:00 a.m. | 56 views

Important: kernel

Issue Overview: A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled address, potentially leading to information disclosure. CVE-2023-20569 A use-after-free...

CVSS 7.8 | AI score 7.3 | EPSS 0.0616 | Exploits 2

Amazon | added 2023/05/16 12:00 a.m. | 56 views

Important: glib2

Issue Overview: In GNOME GLib 2.56.1, g_markup_parse_context_end_parse in gmarkup.c has a NULL pointer dereference. CVE-2018-16428 GNOME GLib 2.56.1 has an out-of-bounds read vulnerability in g_markup_parse_context_parse in gmarkup.c, related to utf8_str. CVE-2018-16429 Affected Packages: glib2 Note: This...

CVSS 9.8 | AI score 8.2 | EPSS 0.04693 | Exploits 2

Amazon | added 2023/04/05 12:00 a.m. | 56 views

Important: log4j

Issue Overview: A flaw was found in the Java logging library Apache Log4j in version 1.x. JMSSink in Log4j 1.x is vulnerable to deserialization of untrusted data. This allows a remote attacker to execute code on the server if JMSSink is deployed and has been configured to perform JNDI requests...

CVSS 9.8 | AI score 8.7 | EPSS 0.66537 | Exploits 1

Amazon | added 2023/01/20 12:00 a.m. | 56 views

Important: bcel

Issue Overview: Apache Commons BCEL has a number of APIs that would normally only allow changing specific class characteristics. However, due to an out-of-bounds writing issue, these APIs can be used to produce arbitrary bytecode. This could be abused in applications that pass attacker-controllab...

CVSS 9.8 | AI score 8 | EPSS 0.02836 | Exploits 0

Amazon | added 2022/06/07 12:00 a.m. | 56 views

Medium: python

Issue Overview: In Python3's Lib/test/multibytecodec_support.py CJK codec tests call eval on content retrieved via HTTP. CVE-2020-27619 The package python/cpython is vulnerable to Web Cache Poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a vector called parameter cloaking. Wh...

CVSS 9.8 | AI score 7.6 | EPSS 0.35963 | Exploits 4

Amazon | added 2022/04/07 12:00 a.m. | 56 views

Important: kernel

Issue Overview: A flaw was found in the Linux kernel in linux/net/netfilter/nf_tables_api.c of the netfilter subsystem. This flaw allows a local user to cause an out-of-bounds write issue. CVE-2022-1015 A flaw was found in the Linux kernel in net/netfilter/nf_tables_core.c:nft_do_chain, which can cause...

CVSS 7.8 | AI score 6.2 | EPSS 0.01467 | Exploits 11

Amazon | added 2022/04/07 12:00 a.m. | 56 views

Medium: vim

Issue Overview: A flaw was found in vim. The vulnerability occurs due to a crash when recording and using Select mode and leads to an out-of-bounds read. This flaw allows an attacker to input a specially crafted file, leading to a crash or code execution. CVE-2022-0393 A flaw was found in vim. Th...

CVSS 8.8 | AI score 8 | EPSS 0.26583 | Exploits 13

Amazon | added 2022/03/16 12:00 a.m. | 56 views

Important: openssl

Issue Overview: The BN_mod_sqrt function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curve...

CVSS 7.5 | AI score 7.3 | EPSS 0.70561 | Exploits 2

Amazon | added 2022/03/08 12:00 a.m. | 56 views

Important: kernel

Issue Overview: Amazon Linux has been made aware of a potential Branch Target Injection (BTI) issue sometimes referred to as Spectre variant 2. This is a known cross-domain transient execution attack where a third party may seek to cause a disclosure gadget to be speculatively executed after an...

CVSS 9 | AI score 7.8 | EPSS 0.88106 | Exploits 103

Amazon | added 2022/02/08 12:00 a.m. | 56 views

Important: kernel

Issue Overview: A flaw in the processing of received ICMP errors (ICMP fragment needed and ICMP redirect) in the Linux kernel functionality was found to allow the ability to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypass the source port UDP randomization...

CVSS 7.8 | AI score 6.7 | EPSS 0.06902 | Exploits 13

Amazon | added 2022/01/20 12:00 a.m. | 56 views

Important: java-1.8.0-openjdk

Issue Overview: Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Difficult to exploit vulnerability allows...

CVSS 7.1 | AI score 5.7 | EPSS 0.14839 | Exploits 0

Amazon | added 2021/01/07 12:00 a.m. | 56 views

Critical: samba

Issue Overview: A flaw was found in the way samba handled file and directory permissions. An authenticated user could use this flaw to gain access to certain file and directory information which otherwise would be unavailable to the attacker. CVE-2020-14318 A null pointer dereference flaw was fou...

CVSS 10 | AI score 8.2 | EPSS 0.99512 | Exploits 75

Amazon | added 2020/06/03 12:00 a.m. | 56 views

Important: unbound

Issue Overview: A network amplification vulnerability was found in Unbound, in the way it processes delegation messages from one authoritative zone to another. This flaw allows an attacker to cause a denial of service or be part of an attack against another DNS server when Unbound is deployed as ...

CVSS 7.5 | AI score 6.7 | EPSS 0.03588 | Exploits 0

Amazon | added 2020/01/14 12:00 a.m. | 56 views

Important: nss

Issue Overview: A heap-based buffer overflow was found in the NSC_EncryptUpdate function in Mozilla nss. A remote attacker could trigger this flaw via SRTP encrypt or decrypt operations, to execute arbitrary code with the permissions of the user running the application compiled with nss. While the...

CVSS 8.8 | AI score 8.1 | EPSS 0.02994 | Exploits 0

Total number of security vulnerabilities: 5000