8699 matches found
Medium: rpcbind
Issue Overview: A use-after-free flaw related to the PMAPCALLIT operation and TCP/UDP connections was discovered in rpcbind. A remote, unauthenticated attacker could possibly exploit this flaw to crash the rpcbind service denial of service by performing a series of UDP and TCP calls. Affected...
Medium: libldb
Issue Overview: A denial of service flaw was found in the ldbwildcardcompare function of libldb. A remote attacker could send a specially crafted packet that, when processed by an application using libldb for example the AD LDAP server in Samba, would cause that application to consume an excessiv...
Medium: freeradius
Issue Overview: A stack-based buffer overflow was found in the way the FreeRADIUS rlmpap module handled long password hashes. An attacker able to make radiusd process a malformed password hash could cause the daemon to crash. Affected Packages: freeradius Issue Correction: Run yum update freeradi...
Important: bind
Issue Overview: A flaw was found in the way BIND performed DNSSEC validation. An attacker able to make BIND functioning as a DNS resolver with DNSSEC validation enabled resolve a name in an attacker-controlled domain could cause named to exit unexpectedly with an assertion failure. Affected...
Medium: kernel
Issue Overview: A flaw was found in the way seunshare, a utility for running executables under a different security context, used the capnglock functionality of the libcap-ng library. The subsequent invocation of suid root binaries that relied on the fact that the setuid system call, among others...
Medium: ntp
Issue Overview: It was reported http://bugs.ntp.org/showbug.cgi?id=2671 that ntp misses validation of vallen value, leading to various information leaks. See for more details. CVE-2014-9297 It was reported http://bugs.ntp.org/showbug.cgi?id=2672 that ntp allows bypassing source IP ACLs on some OS...
Medium: mod_security
Issue Overview: apache2/modsecurity.c in ModSecurity before 2.7.6 allows remote attackers to bypass rules by using chunked transfer coding with a capitalized Chunked value in the Transfer-Encoding HTTP header. Affected Packages: modsecurity Issue Correction: Run yum update modsecurity or yum upda...
Medium: file
Issue Overview: The BEGIN regular expression in the awk script detector in magic/Magdir/commands in file before 5.15 uses multiple wildcards with unlimited repetitions, which allows context-dependent attackers to cause a denial of service CPU consumption via a crafted ASCII file that triggers a...
Medium: httpd24
Issue Overview: The logcookie function in modlogconfig.c in the modlogconfig module in the Apache HTTP Server before 2.4.8 allows remote attackers to cause a denial of service segmentation fault and daemon crash via a crafted cookie that is not properly handled during truncation. Affected Package...
Low: xorg-x11-server
Issue Overview: A flaw was found in the way the X.org X11 server registered new hot plugged devices. If a local user switched to a different session and plugged in a new device, input from that device could become available in the previous session, possibly leading to information disclosure...
Medium: dracut
Issue Overview: It was discovered that dracut created initramfs images as world readable. A local user could possibly use this flaw to obtain sensitive information from these files, such as iSCSI authentication passwords, encrypted root file system crypttab passwords, or other information...
Medium: krb5
Issue Overview: It was found that kadmind's kpasswd service did not perform any validation on incoming network packets, causing it to reply to all requests. A remote attacker could use this flaw to send spoofed packets to a kpasswd service that appear to come from kadmind on a different server,...
Important: gnutls
Issue Overview: It was discovered that the fix for the CVE-2013-1619 issue introduced a regression in the way GnuTLS decrypted TLS/SSL encrypted records when CBC-mode cipher suites were used. A remote attacker could possibly use this flaw to crash a server or client application that uses GnuTLS...
Important: mysql55
Issue Overview: This update fixes several vulnerabilities in the MySQL database server. Information about these flaws can be found in the References section. Affected Packages: mysql55 Issue Correction: Run yum update mysql55 or yum update --advisory ALAS-2013-187 to update your system. New...
Medium: httpd24
Issue Overview: Multiple cross-site scripting XSS vulnerabilities in the balancerhandler function in the manager interface in modproxybalancer.c in the modproxybalancer module in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web...
Medium: php-ZendFramework
Issue Overview: The 1 ZendFeedRss and 2 ZendFeedAtom classes in ZendFeed in Zend Framework 1.11.x before 1.11.15 and 1.12.x before 1.12.1 allow remote attackers to read arbitrary files, send HTTP requests to intranet servers, and possibly cause a denial of service CPU and memory consumption via a...
Important: java-1.7.0-openjdk
Issue Overview: Two improper permission check issues were discovered in the reflection API in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. Affected Packages: java-1.7.0-openjdk Issue Correction: Run yum update java-1.7.0-openjdk or yu...
Important: rpm
Issue Overview: Multiple flaws were found in the way RPM parsed package file headers. An attacker could create a specially-crafted RPM package that, when its package header was accessed, or during package signature verification, could cause an application using the RPM library such as the rpm...
Low: glib2
Issue Overview: An issue was discovered in GNOME GLib before 2.66.8. When gfilereplace is used with GFILECREATEREPLACEDESTINATION to replace a path that is a dangling symlink, it incorrectly also creates the target of the symlink as an empty file, which could conceivably have security relevance i...
Important: runc
Issue Overview: AWS is aware of CVE-2024-21626, an issue affecting the runc component of several open source container management systems. Under certain conditions, an actor could leverage a specially crafted container or container configuration to access files or directories outside the...
Low: containerd
Issue Overview: Containerd is not affected by CVE-2023-39325. While it contains the affected module, it does not use it in a way that exposes users to CVE-2023-39325. Affected Packages: containerd Issue Correction: Run yum update containerd or yum update --advisory ALAS-2023-1888 to update your...
Medium: wireshark
Issue Overview: LISP dissector large loop in Wireshark 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12 allows denial of service via packet injection or crafted capture file CVE-2023-1993 Affected Packages: wireshark Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ sectio...
Medium: opensc
Issue Overview: OpenSC before 0.20.0-rc1 has an out-of-bounds access of an ASN.1 Bitstring in decodebitstring in libopensc/asn1.c. CVE-2019-15945 OpenSC before 0.20.0-rc1 has an out-of-bounds access of an ASN.1 Octet string in asn1decodeentry in libopensc/asn1.c. CVE-2019-15946 An issue was...
Medium: kernel
Issue Overview: A buffer overrun vulnerability was found in the netback driver in Xen due to an unusual split packet. This flaw allows an unprivileged guest to cause a denial of service DoS of the host by sending network packets to the backend, causing the backend to crash. CVE-2023-34319 A...
Medium: openssh
Issue Overview: An issue was discovered in OpenSSH 7.4 on Amazon Linux 2 and Amazon Linux 1. The fix for CVE-2019-6111 only covered cases where an absolute path is passed to scp. When a relative path is used there is no verification that the name of a file received by the client matches the file...
Important: kernel
Issue Overview: An issue was found in the Linux kernel's IPv6 TCP connection tracking code, which could lead to high CPU usage with certain traffic patterns. CVE-2023-1206 Affected Packages: kernel Issue Correction: Run yum update kernel or yum update --advisory ALAS-2023-1776 to update your...
Important: xstream
Issue Overview: XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability where the processed stream at unmarshalling time contains type information to recreate the formerly written objects. XStream creates therefore new...
Medium: curl
Issue Overview: The curl advisory describes this issue as follows: curl supports communicating using the TELNET protocol and as a part of this it offers users to pass on user name and "telnet options" for the server negotiation. Due to lack of proper input scrubbing and without it being the...
Medium: vim
Issue Overview: Use after free in appendcommand in GitHub repository vim/vim prior to 8.2.4895. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution CVE-2022-1616 Heap-based Buffer Overflow in function cmdlineerasechars in...
Medium: containerd
Issue Overview: A bug was found in containerd's CRI implementation where programs inside a container can cause the containerd daemon to consume memory without bound during invocation of the ExecSync API. This can cause containerd to consume all available memory on the computer, denying service to...
Important: expat, thunderbird
Issue Overview: An integer overflow was found in expat. The issue occurs in storeRawNames by abusing the mbuffer expansion logic to allow allocations very close to INTMAX and out-of-bounds heap writes. This flaw can cause a denial of service or potentially arbitrary code execution. CVE-2022-25315...
Medium: java-17-amazon-corretto
Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Serialization. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.01; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Difficult to...
Medium: rpm
Issue Overview: A flaw was found in RPM's signature check functionality when reading a package file. This flaw allows an attacker who can convince a victim to install a seemingly verifiable package, whose signature header was modified, to cause RPM database corruption and execute code. The highes...
Important: mod_http2
Issue Overview: A null pointer de-reference was found in the way httpd handled specially crafted HTTP/2 request. A remote attacker could use this flaw to crash the httpd child process, causing temporary denial of service. CVE-2021-31618 Affected Packages: modhttp2 Note: This advisory is applicabl...
Important: xstream
Issue Overview: XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is vulnerability which may allow a remote attacker to allocate 100% CPU time on the target system depending on CPU type or parallel execution of such a payload resulting i...
Medium: qemu
Issue Overview: An out-of-bound write access flaw was found in the way QEMU loads ROM contents at boot time. This flaw occurs in the romcopy routine while loading the contents of a 32-bit -kernel image into memory. Running an untrusted -kernel image may load contents at arbitrary memory locations...
Medium: tomcat8
Issue Overview: While investigating bug 64830 it was discovered that Apache Tomcat 10.0.0-M1 to 10.0.0-M9, 9.0.0-M1 to 9.0.39 and 8.5.0 to 8.5.59 could re-use an HTTP request header value from the previous stream received on an HTTP/2 connection for the request associated with the subsequent...
Low: tomcat7
Issue Overview: A flaw was found in Apache Tomcat. The HTTP header parsing code used an approach to end-of-line EOL parsing that allowed some invalid HTTP headers to be parsed as valid. This led to the possibility of HTTP Request Smuggling if Tomcat was located behind a reverse proxy that...
Medium: libxslt
Issue Overview: libxslt through 1.1.33 allows bypass of a protection mechanism because callers of xsltCheckRead and xsltCheckWrite permit access even upon receiving a -1 error code. xsltCheckRead can return -1 for a crafted URL that is not actually invalid and is subsequently loaded. CVE-2019-110...
Important: qt, qt5-qtbase
Issue Overview: An issue was discovered in Qt through 5.12.9, and 5.13.x through 5.15.x before 5.15.1. readxbmbody in gui/image/qxbmhandler.cpp has a buffer over-read. CVE-2020-17507 Affected Packages: qt, qt5-qtbase Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit...
Medium: golang
Issue Overview: It was discovered that net/http through net/textproto in golang does not correctly interpret HTTP requests where an HTTP header contains spaces before the colon. This could be abused by an attacker to smuggle HTTP requests when a proxy or a firewall is placed behind a server...
Important: wget
Issue Overview: Buffer overflow in GNU Wget allows remote attackers to cause a denial-of-service DoS or may execute an arbitrary code via unspecified vectors. CVE-2019-5953 Affected Packages: wget Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for...
Important: kernel
Issue Overview: A flaw was found in the Linux kernel's NFS41+ subsystem. NFS41+ shares mounted in different network namespaces at the same time can make bcsvcprocess use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container user can cause a host kernel memory...
Medium: kernel
Issue Overview: The USB subsystem mishandles size checks during the reading of an extra descriptor, related to usbgetextradescriptor in drivers/usb/core/usb.c.CVE-2018-20169 A flaw was found where an attacker may be able to have an uncontrolled read to kernel-memory from within a vm guest. A race...
Critical: java-1.7.0-openjdk
Issue Overview: Unbounded memory allocation during deserialization in NamedNodeMapImpl JAXP, 8189993 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: JAXP. Supported versions that are affected are Java SE: 7u171, 8u162 and 10; Java SE Embedded:...
Medium: curl
Issue Overview: FTP path trickery leads to NIL byte out of bounds write: It was found that libcurl did not safely parse FTP URLs when using the CURLOPTFTPFILEMETHOD method. An attacker, able to provide a specially crafted FTP URL to an application using libcurl, could write a NULL byte at an...
Critical: java-1.8.0-openjdk, java-1.7.0-openjdk
Issue Overview: An improper type safety check was discovered in the Hotspot component. An untrusted Java application or applet could use this flaw to bypass Java Sandbox restrictions. Affected Packages: java-1.8.0-openjdk, java-1.7.0-openjdk Issue Correction: Run yum update java-1.8.0-openjdk or...
Medium: subversion, mod_dav_svn
Issue Overview: The moddavsvn server in Subversion 1.8.0 through 1.8.11 allows remote attackers to cause a denial of service memory consumption via a large number of REPORT requests, which trigger the traversal of FSFS repository nodes. CVE-2015-0202 An assertion failure flaw was found in the way...
Medium: tcpdump
Issue Overview: Integer signedness error in the mobilityoptprint function in the IPv6 mobility printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service out-of-bounds read and crash or possibly execute arbitrary code via a negative length value. CVE-2015-0261 The...
Medium: ruby22
Issue Overview: RubyGems provides the ability of a domain to direct clients to a separate host that is used to fetch gems and make API calls against. This mechanism is implemented via DNS, specificly a SRV record rubygems.tcp under the original requested domain. RubyGems did not validate the...