
8850 matches found

Amazon, added 2 days ago, 5 views

Medium: ecs-init

Issue Overview: Denial of Service due to Panic in AWS SDK for Go v2 SDK EventStream Decoder Affected Packages: ecs-init Issue Correction: Run dnf update ecs-init --releasever 2023.12.20260629 or dnf update --advisory ALAS2023-2026-1906 --releasever 2023.12.20260629 to update your system. More...

AI score: 5.7, Exploits: 0

Amazon, added 2 days ago, 6 views

Important: containerd

Issue Overview: Memory exhaustion DoS causing OOM kill of containerd process NOTE: https://github.com/containerd/containerd/security/advisories/GHSA-jpcc-p29g-p8mq CVE-2026-47262 Image cache poisoning via unvalidated checkpoint image references, enabling cross-pod code execution NOTE:...

CVSS: 9.4, AI score: 6, Exploits: 0

Amazon, added 2 days ago, 5 views

Medium: ecs-init

Issue Overview: Denial of Service due to Panic in AWS SDK for Go v2 SDK EventStream Decoder Affected Packages: ecs-init Note: This advisory is applicable to Amazon Linux 2 - Ecs Extra. Visit this page to learn more about Amazon Linux 2 AL2 Extras and this FAQ section for the difference between AL...

AI score: 5.8, Exploits: 0

Amazon, added 2 days ago, 5 views

Important: containerd

Issue Overview: Memory exhaustion DoS causing OOM kill of containerd process NOTE: https://github.com/containerd/containerd/security/advisories/GHSA-jpcc-p29g-p8mq CVE-2026-47262 Image cache poisoning via unvalidated checkpoint image references, enabling cross-pod code execution NOTE:...

CVSS: 9.4, AI score: 6, Exploits: 0

Amazon, added 2 days ago, 5 views

Critical: rclone

Issue Overview: Rclone is a command-line program to sync files and directories to and from different cloud storage providers. From 1.46.0 until 1.74.3, rclone rcd --rc-serve accepts unauthenticated GET and HEAD requests to paths of the form: /remote:path/object. The remote value is parsed from th...

CVSS: 9.8, AI score: 5.9, EPSS: 0.00701, Exploits: 0

Amazon, added 2 days ago, 5 views

Critical: rclone

Issue Overview: Rclone is a command-line program to sync files and directories to and from different cloud storage providers. From 1.46.0 until 1.74.3, rclone rcd --rc-serve accepts unauthenticated GET and HEAD requests to paths of the form: /remote:path/object. The remote value is parsed from th...

CVSS: 9.8, AI score: 5.8, EPSS: 0.00701, Exploits: 0

Amazon, added 2026/06/22 12:0 a.m., 6 views

Important: perl-Sereal-Decoder

Issue Overview: Sereal::Decoder versions before 5.005 for Perl allow heap out-of-bounds read via crafted input. In Perl/Decoder/srldecoder.c, srlreadobject and srlreadhash process a COPY tag, a back-reference whose target byte the decoder re-decodes as a fresh tag. When that target byte matches t...

CVSS: 8.1, AI score: 5.8, EPSS: 0.00399, Exploits: 0

Amazon, added 2026/06/22 12:0 a.m., 7 views

Important: freerdp

Issue Overview: FreeRDP before 3.26.0 contains a heap-buffer-overflow vulnerability in gdiCacheToSurface that allows remote attackers to write out-of-bounds heap memory. The vulnerability occurs because rectangle validation clamps coordinates to UINT16MAX but performs copy operations using...

CVSS: 9.8, AI score: 6.7, EPSS: 0.03472, Exploits: 4

Amazon, added 2026/06/22 12:0 a.m., 7 views

Important: freerdp

Issue Overview: FreeRDP before 3.26.0 contains a heap-buffer-overflow vulnerability in gdiCacheToSurface that allows remote attackers to write out-of-bounds heap memory. The vulnerability occurs because rectangle validation clamps coordinates to UINT16MAX but performs copy operations using...

CVSS: 9.8, AI score: 6.7, EPSS: 0.03472, Exploits: 4

Amazon, added 2026/06/22 12:0 a.m., 7 views

Important: ecs-service-connect-agent

Issue Overview: A denial-of-service vulnerability was found in Envoy's HTTP/2 HPACK header compression implementation. A remote attacker could send a specially crafted HTTP/2 request that triggers disproportionately large memory allocations on the server, leading to resource exhaustion and denial...

CVSS: 7.5, AI score: 6.1, EPSS: 0.00708, Exploits: 0

Amazon, added 2026/06/22 12:0 a.m., 9 views

Important: kernel-livepatch-6.12.79-101.147

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Drop the translation cache reference only for the erased entry CVE-2026-46316 In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Reassign nestedmmus array behind...

CVSS: 9.3, AI score: 5.8, EPSS: 0.0018, Exploits: 0

Amazon, added 2026/06/22 12:0 a.m., 5 views

Medium: python-urllib3

Issue Overview: urllib3 is an HTTP client library for Python. From 1.23 to before 2.7.0, cross-origin redirects followed from the low-level API via ProxyManager.connectionfromurl.urlopen..., assertsamehost=False still forward these sensitive headers. This vulnerability is fixed in 2.7.0...

CVSS: 8.2, AI score: 5.8, EPSS: 0.00527, Exploits: 0

Amazon, added 2026/06/22 12:0 a.m., 5 views

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: rtnetlink: add missing netlinknscapable check for peer netns CVE-2026-31692 Affected Packages: kernel Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the...

CVSS: 5.5, AI score: 5.7, EPSS: 0.00119, Exploits: 0

Amazon, added 2026/06/22 12:0 a.m., 5 views

Medium: perl-Storable

Issue Overview: Storable versions before 3.05 for Perl has a stack overflow. The retrievehook function stored the length of the class name into a signed integer but in read operations treated the length as unsigned. This allowed an attacker to craft data that could trigger the overflow...

CVSS: 10, AI score: 5.9, EPSS: 0.00641, Exploits: 0

Amazon, added 2026/06/22 12:0 a.m., 5 views

Important: gdal310

Issue Overview: In GDAL 3.1.0 through 3.13.0, scanForGeometryContainers in the netCDF driver allows code execution via a stack-based buffer overflow. It reads a geometry attribute into a fixed-size stack buffer without validating the attribute length. The attacker embeds the exploit as an oversiz...

CVSS: 7.8, AI score: 6.9, EPSS: 0.00102, Exploits: 0

Amazon, added 2026/06/22 12:0 a.m., 4 views

Medium: python-mako

Issue Overview: Mako is a template library written in Python. Prior to 1.3.11, TemplateLookup.gettemplate is vulnerable to path traversal when a URI starts with // e.g., //../../../secret.txt. The root cause is an inconsistency between two slash-stripping implementations. Any file readable by the...

CVSS: 8.7, AI score: 5.8, EPSS: 0.00361, Exploits: 0

Amazon, added 2026/06/22 12:0 a.m., 4 views

Important: clamav1.5

Issue Overview: rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.9.27 to before 0.10.78, Deriver::derive and PkeyCtxRef::derive sets len = buf.len and passes it as the in/out length to EVPPKEYderive, relying on OpenSSL to honor it. On OpenSSL 1.1.x, X25519, X448, D...

CVSS: 9.8, AI score: 6, EPSS: 0.00298, Exploits: 0

Amazon, added 2026/06/22 12:0 a.m., 6 views

Important: perl-CryptX

Issue Overview: CryptX versions before 0.088001 for Perl have a stack buffer overflow in four AEAD decryptverify helpers. The gcmdecryptverify, ccmdecryptverify, chacha20poly1305decryptverify and eaxdecryptverify XS routines copied the caller-supplied authentication tag into a fixed 144-byte stac...

CVSS: 7.5, AI score: 6.2, EPSS: 0.00469, Exploits: 0

Amazon, added 2026/06/22 12:0 a.m., 5 views

Medium: perl-Unicode-LineBreak

Issue Overview: Text::LineFold versions through 2019.001 for Perl duplicate the output based on the number of special break characters. Text::LineFold splits the input string by specific line break characters such as VT, FF and others into segments, but applies the break function to the entire...

CVSS: 6.2, AI score: 5.8, EPSS: 0.002, Exploits: 0

Amazon, added 2026/06/22 12:0 a.m., 5 views

Medium: lcms2

Issue Overview: Little CMS lcms2 through 2.18 has an integer overflow in CubeSize in cmslut.c because the overflow check is performed after the multiplication. CVE-2026-41254 Affected Packages: lcms2 Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section f...

CVSS: 7.5, AI score: 5.9, EPSS: 0.00365, Exploits: 1

Amazon, added 2026/06/22 12:0 a.m., 6 views

Medium: libusbx

Issue Overview: libusb before version 1.0.30 contains a NULL pointer dereference vulnerability that allows attackers to crash applications by supplying a malformed USB configuration descriptor where an interface claims bNumEndpoints greater than zero but is followed by a class-specific descriptor...

CVSS: 6.9, AI score: 6, EPSS: 0.00184, Exploits: 0

Amazon, added 2026/06/22 12:0 a.m., 5 views

Medium: perl-Cpanel-JSON-XS

Issue Overview: BOM-shift PV-corruption SIGABRT CVE-2026-9516 Affected Packages: perl-Cpanel-JSON-XS Issue Correction: Run dnf update perl-Cpanel-JSON-XS --releasever 2023.12.20260622 or dnf update --advisory ALAS2023-2026-1829 --releasever 2023.12.20260622 to update your system. More information...

CVSS: 7.5, AI score: 5.8, EPSS: 0.00375, Exploits: 0

Amazon, added 2026/06/22 12:0 a.m., 6 views

Important: perl-GD

Issue Overview: command injection via 2-arg open in makefilehandle CVE-2026-11526 Affected Packages: perl-GD Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories. Issue Correction: Run yum...

CVSS: 9.8, AI score: 5.8, EPSS: 0.01353, Exploits: 0

Amazon, added 2026/06/22 12:0 a.m., 5 views

Important: perl-GD

Issue Overview: command injection via 2-arg open in makefilehandle CVE-2026-11526 Affected Packages: perl-GD Issue Correction: Run dnf update perl-GD --releasever 2023.12.20260622 or dnf update --advisory ALAS2023-2026-1890 --releasever 2023.12.20260622 to update your system. More information on...

CVSS: 9.8, AI score: 5.8, EPSS: 0.01353, Exploits: 0

Amazon, added 2026/06/22 12:0 a.m., 5 views

Medium: rust

Issue Overview: gitoxide is an implementation of git written in Rust. Prior to 0.21.1, a malicious tree can be constructed that will, when checked out with gitoxide, permit writing an attacker-controlled symlink into any existing directory the user has write access to. During checkout, all symlin...

CVSS: 7.8, AI score: 7, EPSS: 0.00248, Exploits: 1

Amazon, added 2026/06/22 12:0 a.m., 5 views

Medium: rust

Issue Overview: gitoxide is an implementation of git written in Rust. Prior to 0.21.1, a malicious tree can be constructed that will, when checked out with gitoxide, permit writing an attacker-controlled symlink into any existing directory the user has write access to. During checkout, all symlin...

CVSS: 7.8, AI score: 7, EPSS: 0.00248, Exploits: 1

Amazon, added 2026/06/22 12:0 a.m., 6 views

Important: poppler

Issue Overview: A flaw was found in Poppler's Splash backend. A remote attacker could exploit this vulnerability by crafting a malicious PDF file that, when rendered, triggers an integer overflow in the tilingPatternFill function. This overflow leads to an undersized heap memory allocation,...

CVSS: 7.8, AI score: 6.1, EPSS: 0.00252, Exploits: 0

Amazon, added 2026/06/22 12:0 a.m., 6 views

Important: compat-poppler22

Issue Overview: A flaw was found in Poppler's Splash backend. A remote attacker could exploit this vulnerability by crafting a malicious PDF file that, when rendered, triggers an integer overflow in the tilingPatternFill function. This overflow leads to an undersized heap memory allocation,...

CVSS: 7.8, AI score: 6.1, EPSS: 0.00252, Exploits: 0

Amazon, added 2026/06/22 12:0 a.m., 6 views

Important: libinput

Issue Overview: A flaw was found in libinput. A local attacker with access to /dev/uinput can inject arbitrary udev properties through the libinput-device-group helper. This injection can lead to root code execution, for example, by exploiting REMOVECMD properties that are executed when a device ...

CVSS: 9.8, AI score: 6.4, EPSS: 0.00498, Exploits: 0

Amazon, added 2026/06/22 12:0 a.m., 6 views

Important: libinput

Issue Overview: A flaw was found in libinput. A local attacker with access to /dev/uinput can inject arbitrary udev properties through the libinput-device-group helper. This injection can lead to root code execution, for example, by exploiting REMOVECMD properties that are executed when a device ...

CVSS: 9.8, AI score: 6.4, EPSS: 0.00498, Exploits: 0

Amazon, added 2026/06/22 12:0 a.m., 6 views

Important: graphite2

Issue Overview: Graphite before 1.3.15 has an integer underflow and resultant out-of-bounds write via Graphite actions, because slotat does not ensure that an offset is within the allowed slot-map range. CVE-2026-50593 Affected Packages: graphite2 Issue Correction: Run dnf update graphite2...

CVSS: 7.3, AI score: 5.8, EPSS: 0.00112, Exploits: 0

Amazon, added 2026/06/22 12:0 a.m., 4 views

Medium: amazon-ssm-agent

Issue Overview: go-git is an extensible git implementation library written in pure Go. Prior to versions 5.18.0 and 6.0.0-alpha.2, go-git may leak HTTP authentication credentials when following redirects during smart-HTTP clone and fetch operations. This issue has been patched in versions 5.18.0...

CVSS: 7.4, AI score: 5.7, EPSS: 0.00259, Exploits: 0

Amazon, added 2026/06/22 12:0 a.m., 6 views

Important: graphite2

Issue Overview: Graphite before 1.3.15 has an integer underflow and resultant out-of-bounds write via Graphite actions, because slotat does not ensure that an offset is within the allowed slot-map range. CVE-2026-50593 Affected Packages: graphite2 Note: This advisory is applicable to Amazon Linux...

CVSS: 7.3, AI score: 5.8, EPSS: 0.00112, Exploits: 0

Amazon, added 2026/06/22 12:0 a.m., 5 views

Important: libnfs

Issue Overview: libnfs through 6.0.2 before 55c18ea does not validate a string size, leading to an integer overflow during a connection to a crafted NFS server. This occurs in libnfszdrstring in lib/libnfs-zdr.c. CVE-2026-53689 Affected Packages: libnfs Note: This advisory is applicable to Amazon...

CVSS: 7.1, AI score: 5.9, EPSS: 0.00192, Exploits: 0

Amazon, added 2026/06/22 12:0 a.m., 5 views

Low: perl-HTML-Parser

Issue Overview: HTML::Entities versions before 3.84 for Perl read freed heap memory in decodeentities. The XS routine backing HTML::Entities::decodeentities cached a pointer repl into the entity-value SV returned by hvfetch on the entity2char hash. When the input SV was identical to a value SV in...

CVSS: 7.5, AI score: 6, EPSS: 0.0031, Exploits: 0

Amazon, added 2026/06/22 12:0 a.m., 4 views

Medium: amazon-ssm-agent

Issue Overview: go-git is an extensible git implementation library written in pure Go. Prior to versions 5.18.0 and 6.0.0-alpha.2, go-git may leak HTTP authentication credentials when following redirects during smart-HTTP clone and fetch operations. This issue has been patched in versions 5.18.0...

CVSS: 7.4, AI score: 5.7, EPSS: 0.00259, Exploits: 0

Amazon, added 2026/06/22 12:0 a.m., 6 views

Important: libnfs

Issue Overview: libnfs through 6.0.2 before 55c18ea does not validate a string size, leading to an integer overflow during a connection to a crafted NFS server. This occurs in libnfszdrstring in lib/libnfs-zdr.c. CVE-2026-53689 Affected Packages: libnfs Issue Correction: Run dnf update libnfs...

CVSS: 7.1, AI score: 5.8, EPSS: 0.00192, Exploits: 0

Amazon, added 2026/06/22 12:0 a.m., 5 views

Low: perl-HTML-Parser

Issue Overview: HTML::Entities versions before 3.84 for Perl read freed heap memory in decodeentities. The XS routine backing HTML::Entities::decodeentities cached a pointer repl into the entity-value SV returned by hvfetch on the entity2char hash. When the input SV was identical to a value SV in...

CVSS: 7.5, AI score: 6, EPSS: 0.0031, Exploits: 0

Amazon, added 2026/06/22 12:0 a.m., 6 views

Important: jpegxl

Issue Overview: Heap buffer overflow vulnerability in libjxl 0.12.0 via crafted PBM images to the jxl::extras::DecodeImagePNM function in file lib/extras/dec/pnm.cc. CVE-2025-70103 Affected Packages: jpegxl Issue Correction: Run dnf update jpegxl --releasever 2023.12.20260622 or dnf update...

CVSS: 7.3, AI score: 6.1, EPSS: 0.00367, Exploits: 0

Amazon, added 2026/06/22 12:0 a.m., 9 views

Medium: webkitgtk4

Issue Overview: The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously crafted web content may lead to an unexpected process...

CVSS: 8.8, AI score: 6.6, EPSS: 0.00693, Exploits: 0

Amazon, added 2026/06/22 12:0 a.m., 6 views

Important: perl-DBI

Issue Overview: DBI versions before 1.648 for Perl have a heap overflow when preparsing SQL statements with more than 9 binders. The preparse method expands SQL placeholder characters to numbered binders of the form :pN, but only allocates three characters per binder in the buffer. Placeholders...

CVSS: 9.8, AI score: 6.3, EPSS: 0.00413, Exploits: 0

Amazon, added 2026/06/22 12:0 a.m., 7 views

Important: perl-DBI

Issue Overview: DBI versions before 1.648 for Perl have a heap overflow when preparsing SQL statements with more than 9 binders. The preparse method expands SQL placeholder characters to numbered binders of the form :pN, but only allocates three characters per binder in the buffer. Placeholders...

CVSS: 9.8, AI score: 6.3, EPSS: 0.00413, Exploits: 0

Amazon, added 2026/06/22 12:0 a.m., 6 views

Important: ImageMagick

Issue Overview: ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-49 and 7.1.2-24, a crafted MVG file could result in a stack overflow due to a missing depth or visited-set check. This issue has been patched in versions 6.9.13-...

CVSS: 7.5, AI score: 6, EPSS: 0.00346, Exploits: 0

Amazon, added 2026/06/22 12:0 a.m., 7 views

Important: ImageMagick

Issue Overview: ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-49 and 7.1.2-24, an infinite loop in the subimage-search operation can happen when using a crafted image. This issue has been patched in versions 6.9.13-49 and...

CVSS: 7.5, AI score: 6, EPSS: 0.00353, Exploits: 0

Amazon, added 2026/06/22 12:0 a.m., 7 views

Medium: ImageMagick

Issue Overview: When writing an IPTC output file a malicious input file could cause an out of bounds read of a single byte. as per: https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-7wff-wpr6-vmhm CVE-2026-42326 Due to a missing check in the PSD decoder it would be possible to...

CVSS: 7.5, AI score: 6.1, EPSS: 0.01849, Exploits: 2

Amazon, added 2026/06/22 12:0 a.m., 5 views

Important: kernel-livepatch-6.12.83-113.160

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Drop the translation cache reference only for the erased entry CVE-2026-46316 In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Reassign nestedmmus array behind...

CVSS: 9.3, AI score: 5.8, EPSS: 0.0018, Exploits: 0

Amazon, added 2026/06/22 12:0 a.m., 7 views

Important: kernel-livepatch-6.12.80-106.156

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Drop the translation cache reference only for the erased entry CVE-2026-46316 In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Reassign nestedmmus array behind...

CVSS: 9.3, AI score: 5.8, EPSS: 0.0018, Exploits: 0

Amazon, added 2026/06/22 12:0 a.m., 5 views

Important: kernel-livepatch-6.12.88-119.157

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Drop the translation cache reference only for the erased entry CVE-2026-46316 In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Reassign nestedmmus array behind...

CVSS: 9.3, AI score: 5.8, EPSS: 0.0018, Exploits: 0

Amazon, added 2026/06/22 12:0 a.m., 4 views

Important: kernel-livepatch-6.12.88-119.160

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Drop the translation cache reference only for the erased entry CVE-2026-46316 In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Reassign nestedmmus array behind...

CVSS: 9.3, AI score: 5.8, EPSS: 0.0018, Exploits: 0

Amazon, added 2026/06/22 12:0 a.m., 7 views

Important: kernel-livepatch-6.12.90-120.164

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Drop the translation cache reference only for the erased entry CVE-2026-46316 In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Reassign nestedmmus array behind...

CVSS: 9.3, AI score: 5.8, EPSS: 0.0018, Exploits: 0

Total number of security vulnerabilities: 8850