Lucene search
K
AmazonRecent

8850 matches found

Amazon
Amazon
added 2026/05/05 12:0 a.m.14 views

Important: kernel-livepatch-5.10.252-250.1005

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: crypto: algifaead - Revert to operating out-of-place To mitigate this issue, we recommend that customers disable loading of the algifaead module by running the following commands: echo "install algifaead /bin/fals...

7.8CVSS6AI score0.96775EPSS
Exploits228
Amazon
Amazon
added 2026/05/05 12:0 a.m.11 views

Important: kernel-livepatch-6.18.16-18.222

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: crypto: algifaead - Revert to operating out-of-place To mitigate this issue, we recommend that customers disable loading of the algifaead module by running the following commands: echo "install algifaead /bin/fals...

7.8CVSS6AI score0.96775EPSS
Exploits228
Amazon
Amazon
added 2026/05/05 12:0 a.m.17 views

Important: kernel-livepatch-6.18.20-20.229

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: crypto: algifaead - Revert to operating out-of-place To mitigate this issue, we recommend that customers disable loading of the algifaead module by running the following commands: echo "install algifaead /bin/fals...

7.8CVSS6AI score0.96775EPSS
Exploits228
Amazon
Amazon
added 2026/05/05 12:0 a.m.13 views

Important: kernel-livepatch-6.18.15-14.217

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: crypto: algifaead - Revert to operating out-of-place To mitigate this issue, we recommend that customers disable loading of the algifaead module by running the following commands: echo "install algifaead /bin/fals...

7.8CVSS6AI score0.96775EPSS
Exploits228
Amazon
Amazon
added 2026/05/05 12:0 a.m.14 views

Important: kernel-livepatch-6.12.74-98.124

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: crypto: algifaead - Revert to operating out-of-place To mitigate this issue, we recommend that customers disable loading of the algifaead module by running the following commands: echo "install algifaead /bin/fals...

7.8CVSS6AI score0.96775EPSS
Exploits228
Amazon
Amazon
added 2026/05/05 12:0 a.m.15 views

Important: kernel-livepatch-6.12.80-105.147

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: crypto: algifaead - Revert to operating out-of-place To mitigate this issue, we recommend that customers disable loading of the algifaead module by running the following commands: echo "install algifaead /bin/fals...

7.8CVSS6AI score0.96775EPSS
Exploits228
Amazon
Amazon
added 2026/05/05 12:0 a.m.15 views

Important: kernel-livepatch-6.12.73-95.123

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: crypto: algifaead - Revert to operating out-of-place To mitigate this issue, we recommend that customers disable loading of the algifaead module by running the following commands: echo "install algifaead /bin/fals...

7.8CVSS6AI score0.96775EPSS
Exploits228
Amazon
Amazon
added 2026/05/05 12:0 a.m.14 views

Important: kernel-livepatch-6.1.163-186.299

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: crypto: algifaead - Revert to operating out-of-place To mitigate this issue, we recommend that customers disable loading of the algifaead module by running the following commands: echo "install algifaead /bin/fals...

7.8CVSS6AI score0.96775EPSS
Exploits228
Amazon
Amazon
added 2026/05/05 12:0 a.m.12 views

Important: kernel-livepatch-6.1.166-197.305

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: crypto: algifaead - Revert to operating out-of-place To mitigate this issue, we recommend that customers disable loading of the algifaead module by running the following commands: echo "install algifaead /bin/fals...

7.8CVSS6AI score0.96775EPSS
Exploits228
Amazon
Amazon
added 2026/05/05 12:0 a.m.14 views

Important: kernel-livepatch-6.1.164-196.303

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: crypto: algifaead - Revert to operating out-of-place To mitigate this issue, we recommend that customers disable loading of the algifaead module by running the following commands: echo "install algifaead /bin/fals...

7.8CVSS6AI score0.96775EPSS
Exploits228
Amazon
Amazon
added 2026/04/30 12:0 a.m.9 views

Important: gimp

Issue Overview: GIMP PSD File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious...

7.8CVSS7.9AI score0.00755EPSS
Exploits0
Amazon
Amazon
added 2026/04/30 12:0 a.m.10 views

Medium: tomcat

Issue Overview: Inconsistent Interpretation of HTTP Requests 'HTTP Request/Response Smuggling' vulnerability in Apache Tomcat via invalid chunk extension. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.18, from 10.1.0-M1 through 10.1.52, from 9.0.0.M1 through 9.0.115, from 8.5.0...

9.1CVSS5.7AI score0.03494EPSS
Exploits2
Amazon
Amazon
added 2026/04/30 12:0 a.m.6 views

Important: dotnet10.0

Issue Overview: Uncontrolled resource consumption in .NET allows an unauthorized attacker to deny service over a network. CVE-2026-26171 Improper neutralization of special elements in .NET allows an unauthorized attacker to perform spoofing over a network. CVE-2026-32178 Stack-based buffer overfl...

7.5CVSS6.1AI score0.02279EPSS
Exploits0
Amazon
Amazon
added 2026/04/30 12:0 a.m.8 views

Important: dotnet8.0

Issue Overview: Uncontrolled resource consumption in .NET allows an unauthorized attacker to deny service over a network. CVE-2026-26171 Improper neutralization of special elements in .NET allows an unauthorized attacker to perform spoofing over a network. CVE-2026-32178 Stack-based buffer overfl...

7.5CVSS6.2AI score0.02279EPSS
Exploits0
Amazon
Amazon
added 2026/04/30 12:0 a.m.8 views

Important: mesa

Issue Overview: In Mesa before 25.3.6 and 26 before 26.0.1, out-of-bounds memory access can occur in WebGPU because the amount of to-be-allocated data depends on an untrusted party, and is then used for alloca. CVE-2026-40393 Affected Packages: mesa Issue Correction: Run dnf update mesa...

9.8CVSS5.2AI score0.00348EPSS
Exploits0
Amazon
Amazon
added 2026/04/30 12:0 a.m.7 views

Important: cups

Issue Overview: OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, the RSS notifier allows .. path traversal in notify-recipient-uri e.g., rss:///../job.cache, letting a remote IPP client write RSS XML bytes outside...

7.8CVSS6.5AI score0.00502EPSS
Exploits6
Amazon
Amazon
added 2026/04/30 12:0 a.m.8 views

Low: nodejs22

Issue Overview: A flaw was found in zlib. An attacker providing specially crafted input to the crc32combine64 or crc32combinegen64 functions could trigger an infinite loop within the x2nmodp function. This leads to excessive CPU consumption, which can result in a Denial of Service DoS for the...

5.5CVSS5.2AI score0.00204EPSS
Exploits1
Amazon
Amazon
added 2026/04/30 12:0 a.m.9 views

Medium: ecs-service-connect-agent

Issue Overview: Envoy is a cloud-native high-performance edge/middle/service proxy. A security vulnerability in Envoy allows external clients to manipulate Envoy headers, potentially leading to unauthorized access or other malicious actions within the mesh. This issue arises due to Envoy's defaul...

7.5CVSS6.9AI score0.16212EPSS
Exploits2
Amazon
Amazon
added 2026/04/30 12:0 a.m.11 views

Medium: cifs-utils

Issue Overview: A flaw was found in cifs-utils. When trying to obtain Kerberos credentials, the cifs.upcall program from the cifs-utils package makes an upcall to the wrong namespace in containerized environments. This issue may lead to disclosing sensitive data from the host's Kerberos credentia...

5.9CVSS6.7AI score0.00149EPSS
Exploits0
Amazon
Amazon
added 2026/04/30 12:0 a.m.10 views

Important: edk2

Issue Overview: Potential use-after-free in DANE client code CVE-2026-28387 NULL Pointer Dereference When Processing a Delta CRL NOTE: https://openssl-library.org/news/secadv/20260407.txt CVE-2026-28388 Possible NULL dereference when processing CMS KeyAgreeRecipientInfo CVE-2026-28389 Possible NU...

8.1CVSS5.4AI score0.00885EPSS
Exploits0
Amazon
Amazon
added 2026/04/30 12:0 a.m.6 views

Medium: nodejs24

Issue Overview: @isaacs/brace-expansion is a hybrid CJS/ESM TypeScript fork of brace-expansion. Prior to version 5.0.1, @isaacs/brace-expansion is vulnerable to a denial of service DoS issue caused by unbounded brace range expansion. When an attacker provides a pattern containing repeated numeric...

9.2CVSS5.3AI score0.00481EPSS
Exploits3
Amazon
Amazon
added 2026/04/30 12:0 a.m.5 views

Low: nodejs20

Issue Overview: A flaw was found in zlib. An attacker providing specially crafted input to the crc32combine64 or crc32combinegen64 functions could trigger an infinite loop within the x2nmodp function. This leads to excessive CPU consumption, which can result in a Denial of Service DoS for the...

5.5CVSS5.3AI score0.00204EPSS
Exploits1
Amazon
Amazon
added 2026/04/30 12:0 a.m.8 views

Important: cups

Issue Overview: OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, the RSS notifier allows .. path traversal in notify-recipient-uri e.g., rss:///../job.cache, letting a remote IPP client write RSS XML bytes outside...

7.8CVSS6.6AI score0.00502EPSS
Exploits4
Amazon
Amazon
added 2026/04/30 12:0 a.m.13 views

Medium: openssl

Issue Overview: NULL Pointer Dereference When Processing a Delta CRL NOTE: https://openssl-library.org/news/secadv/20260407.txt CVE-2026-28388 Possible NULL dereference when processing CMS KeyAgreeRecipientInfo CVE-2026-28389 Possible NULL dereference when processing CMS KeyTransportRecipientInfo...

7.5CVSS5.2AI score0.00885EPSS
Exploits0
Amazon
Amazon
added 2026/04/30 12:0 a.m.5 views

Important: python-jwcrypto

Issue Overview: JWCrypto implements JWK, JWS, and JWE specifications using python-cryptography. Prior to 1.5.7, an unauthenticated attacker can exhaust server memory by sending crafted JWE tokens with ZIP compression. The existing patch for CVE-2024-28102 limits input token size to 250KB but does...

5.3CVSS6.1AI score0.00294EPSS
Exploits1
Amazon
Amazon
added 2026/04/30 12:0 a.m.5 views

Important: openexr

Issue Overview: OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From 3.4.0 to before 3.4.9, a missing bounds check on the dataWindow attribute in EXR file headers allows an attacker to trigger a signe...

8.6CVSS5.4AI score0.00482EPSS
Exploits3
Amazon
Amazon
added 2026/04/30 12:0 a.m.8 views

Important: ImageMagick

Issue Overview: ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below 7.1.2-189 and 6.9.13-44, when Magick parses an XML file it is possible that a single zero byte is written out of the bounds. This issue has been fixed in versions...

7.8CVSS5.8AI score0.0051EPSS
Exploits0
Amazon
Amazon
added 2026/04/30 12:0 a.m.11 views

Important: ImageMagick

Issue Overview: ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-18 and 6.9.13-43, an out-of-bounds write of a zero byte exists in the X11 display interaction path that could lead to a crash. Versions 7.1.2-18 and 6.9.13-43 patch the...

7.5CVSS5.7AI score0.0051EPSS
Exploits0
Amazon
Amazon
added 2026/04/30 12:0 a.m.9 views

Important: OpenEXR

Issue Overview: OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From version 3.4.0 to before version 3.4.8, a crafted B44 or B44A EXR file can cause an out-of-bounds write in any application that...

8.6CVSS5.5AI score0.00482EPSS
Exploits2
Amazon
Amazon
added 2026/04/30 12:0 a.m.8 views

Important: flatpak

Issue Overview: A complete sandbox escape vulnerability exists in Flatpak before 1.16.4. The Flatpak portal accepts paths in the sandbox-expose options which can be app-controlled symlinks pointing at arbitrary paths. Flatpak run mounts the resolved host path in the sandbox, giving apps access to...

10CVSS8.2AI score0.0168EPSS
Exploits0
Amazon
Amazon
added 2026/04/30 12:0 a.m.11 views

Important: xorg-x11-server

Issue Overview: XKB Integer Underflow in XkbSetCompatMap CVE-2026-33999 XSYNC Use-after-free in miSyncTriggerFence CVE-2026-34001 XKB Out-of-bounds read in CheckModifierMap CVE-2026-34002 XKB Buffer overflow in CheckKeyTypes CVE-2026-34003 Affected Packages: xorg-x11-server Note: This advisory is...

7.8CVSS5.3AI score0.00489EPSS
Exploits0
Amazon
Amazon
added 2026/04/30 12:0 a.m.11 views

Important: tigervnc

Issue Overview: XKB Integer Underflow in XkbSetCompatMap CVE-2026-33999 XSYNC Use-after-free in miSyncTriggerFence CVE-2026-34001 XKB Out-of-bounds read in CheckModifierMap CVE-2026-34002 XKB Buffer overflow in CheckKeyTypes CVE-2026-34003 Affected Packages: tigervnc Note: This advisory is...

7.8CVSS5.3AI score0.00489EPSS
Exploits0
Amazon
Amazon
added 2026/04/30 12:0 a.m.8 views

Important: libarchive

Issue Overview: A flaw was found in libarchive. On 32-bit systems, an integer overflow vulnerability exists in the zisofs block pointer allocation logic. A remote attacker can exploit this by providing a specially crafted ISO9660 image, which can lead to a heap buffer overflow. This could...

9.8CVSS6.7AI score0.01073EPSS
Exploits0
Amazon
Amazon
added 2026/04/30 12:0 a.m.7 views

Medium: perl-Net-CIDR-Lite

Issue Overview: Net::CIDR::Lite versions before 0.23 for Perl does not validate IPv6 group count, which may allow IP ACL bypass. packipv6 does not check that uncompressed IPv6 addresses without :: have exactly 8 hex groups. Inputs like "abcd", "1:2:3", or "1:2:3:4:5:6:7" are accepted and produce...

7.5CVSS6.4AI score0.00309EPSS
Exploits0
Amazon
Amazon
added 2026/04/30 12:0 a.m.11 views

Medium: python3-pytest

Issue Overview: pytest through 9.0.2 on UNIX relies on directories with the /tmp/pytest-of-user name pattern, which allows local users to cause a denial of service or possibly gain privileges. CVE-2025-71176 Affected Packages: python3-pytest Note: This advisory is applicable to Amazon Linux 2 AL2...

6.8CVSS5.4AI score0.0014EPSS
Exploits0
Amazon
Amazon
added 2026/04/30 12:0 a.m.8 views

Medium: gstreamer-plugins-good

Issue Overview: An out-of-bounds read in the WAV parser that can cause crashes for certain input files. CVE-2026-1940 Affected Packages: gstreamer-plugins-good Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and A...

5.1CVSS7.9AI score0.00225EPSS
Exploits0
Amazon
Amazon
added 2026/04/30 12:0 a.m.8 views

Medium: clamav1.5

Issue Overview: A vulnerability in the HTML Cascading Style Sheets CSS module of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper error handling when splitting UTF-8 strings. An attacker...

5.3CVSS5.4AI score0.00414EPSS
Exploits0
Amazon
Amazon
added 2026/04/30 12:0 a.m.9 views

Medium: clamav1.4

Issue Overview: A vulnerability in the HTML Cascading Style Sheets CSS module of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper error handling when splitting UTF-8 strings. An attacker...

5.3CVSS5.4AI score0.00414EPSS
Exploits0
Amazon
Amazon
added 2026/04/30 12:0 a.m.9 views

Medium: clamav1.4

Issue Overview: A vulnerability in the HTML Cascading Style Sheets CSS module of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper error handling when splitting UTF-8 strings. An attacker...

5.3CVSS5.5AI score0.00414EPSS
Exploits0
Amazon
Amazon
added 2026/04/30 12:0 a.m.10 views

Important: python3.9

Issue Overview: The fix for CVE-2026-0672, which rejected control characters in http.cookies.Morsel, was incomplete. The Morsel.update, |= operator, and unpickling paths were not patched, allowing control characters to bypass input validation. Additionally, BaseCookie.jsoutput lacked the output...

9.1CVSS4.7AI score0.00579EPSS
Exploits0
Amazon
Amazon
added 2026/04/30 12:0 a.m.8 views

Important: xorg-x11-server-Xwayland

Issue Overview: XKB Integer Underflow in XkbSetCompatMap CVE-2026-33999 XKB Out-of-bounds Read in CheckSetGeom CVE-2026-34000 XSYNC Use-after-free in miSyncTriggerFence CVE-2026-34001 XKB Out-of-bounds read in CheckModifierMap CVE-2026-34002 XKB Buffer overflow in CheckKeyTypes CVE-2026-34003...

7.8CVSS5.3AI score0.00489EPSS
Exploits0
Amazon
Amazon
added 2026/04/30 12:0 a.m.6 views

Important: tigervnc

Issue Overview: XKB Integer Underflow in XkbSetCompatMap CVE-2026-33999 XKB Out-of-bounds Read in CheckSetGeom CVE-2026-34000 XSYNC Use-after-free in miSyncTriggerFence CVE-2026-34001 XKB Out-of-bounds read in CheckModifierMap CVE-2026-34002 XKB Buffer overflow in CheckKeyTypes CVE-2026-34003...

7.8CVSS5.2AI score0.00489EPSS
Exploits0
Amazon
Amazon
added 2026/04/30 12:0 a.m.6 views

Important: xorg-x11-server

Issue Overview: XKB Integer Underflow in XkbSetCompatMap CVE-2026-33999 XKB Out-of-bounds Read in CheckSetGeom CVE-2026-34000 XSYNC Use-after-free in miSyncTriggerFence CVE-2026-34001 XKB Out-of-bounds read in CheckModifierMap CVE-2026-34002 XKB Buffer overflow in CheckKeyTypes CVE-2026-34003...

7.8CVSS5.2AI score0.00489EPSS
Exploits0
Amazon
Amazon
added 2026/04/30 12:0 a.m.40 views

Important: glibc

Issue Overview: The iconv function in the GNU C Library versions 2.43 and earlier may crash due to an assertion failure when converting inputs from the IBM1390 or IBM1399 character sets, which may be used to remotely crash an application. This vulnerability can be trivially mitigated by removing...

7.5CVSS5.2AI score0.00357EPSS
Exploits1
Amazon
Amazon
added 2026/04/30 12:0 a.m.14 views

Important: kernel6.18

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: nvme: fix memory allocation in nvmeprreadkeys CVE-2026-23244 In the Linux kernel, the following vulnerability has been resolved: net/sched: actgate: snapshot parameters with RCU on replace CVE-2026-23245 In the...

7.8CVSS5.8AI score0.00164EPSS
Exploits0
Amazon
Amazon
added 2026/04/30 12:0 a.m.10 views

Important: kernel6.12

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: remove refcounting in expectation dumpers CVE-2025-39764 In the Linux kernel, the following vulnerability has been resolved: ipv6: use RCU in ip6xmit CVE-2025-40135 In the Linux kernel, the...

9.8CVSS6.1AI score0.00514EPSS
Exploits2
Amazon
Amazon
added 2026/04/30 12:0 a.m.26 views

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: fix infinite loop in attrloadrunsrange on inconsistent metadata CVE-2025-71265 In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: check return value of indxfind to avoid...

9.8CVSS5.4AI score0.00686EPSS
Exploits0
Amazon
Amazon
added 2026/04/30 12:0 a.m.8 views

Medium: libssh

Issue Overview: libssh OOB Read in sftpparselongname CVE-2026-0968 Affected Packages: libssh Issue Correction: Run dnf update libssh --releasever 2023.11.20260427 or dnf update --advisory ALAS2023-2026-1632 --releasever 2023.11.20260427 to update your system. More information on how to update you...

3.1CVSS5.2AI score0.00442EPSS
Exploits0
Amazon
Amazon
added 2026/04/30 12:0 a.m.8 views

Medium: python3.13-tornado

Issue Overview: In Tornado before 6.5.5, cookie attribute injection could occur because the domain, path, and samesite arguments to .RequestHandler.setcookie were not checked for crafted characters. CVE-2026-35536 Affected Packages: python3.13-tornado Issue Correction: Run dnf update...

7.2CVSS5.2AI score0.00237EPSS
Exploits0
Amazon
Amazon
added 2026/04/30 12:0 a.m.6 views

Medium: python3.13

Issue Overview: The import hook in CPython that handles legacy .pyc files SourcelessFileLoader is incorrectly handled in FileLoader a base class and so does not use io.opencode to read the .pyc files. sys.audit handlers for this audit event therefore do not fire. CVE-2026-2297 The fix for...

6CVSS5.3AI score0.00621EPSS
Exploits0
Total number of security vulnerabilities8850