Lucene search
K
AmazonRecent

8850 matches found

Amazon
Amazon
added 2026/05/26 12:0 a.m.12 views

Important: kernel-livepatch-6.18.25-55.108

Issue Overview: PinTheft is a Linux local privilege escalation exploit for an RDS zerocopy double-free that can be turned into a page-cache overwrite through iouring fixed buffers. Affected Packages: kernel-livepatch-6.18.25-55.108 Issue Correction: Please ensure you have live patching enabled. R...

5.8AI score
Exploits0
Amazon
Amazon
added 2026/05/26 12:0 a.m.14 views

Medium: nss

Issue Overview: Incorrect boundary conditions in the Libraries component in NSS. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10. CVE-2026-6766 Other issue in the Libraries component in NSS. This vulnerability was fixed in Firefox 150,...

7.5CVSS5.8AI score0.00269EPSS
Exploits0
Amazon
Amazon
added 2026/05/26 12:0 a.m.11 views

Important: python-pillow

Issue Overview: Pillow is a Python imaging library. Prior to version 12.2.0, if a font advances for each glyph by an exceeding large amount, when Pillow keeps track of the current position, it may lead to an integer overflow. This issue has been patched in version 12.2.0. CVE-2026-42308 Pillow is...

8.6CVSS7.4AI score0.0015EPSS
Exploits0
Amazon
Amazon
added 2026/05/26 12:0 a.m.7 views

Important: kernel-livepatch-6.12.80-105.147

Issue Overview: PinTheft is a Linux local privilege escalation exploit for an RDS zerocopy double-free that can be turned into a page-cache overwrite through iouring fixed buffers. Affected Packages: kernel-livepatch-6.12.80-105.147 Issue Correction: Please ensure you have live patching enabled...

5.8AI score
Exploits0
Amazon
Amazon
added 2026/05/26 12:0 a.m.15 views

Low: firefox

Issue Overview: libexpat before 2.7.6 uses insufficient entropy, and thus hash flooding can occur via a crafted XML document. CVE-2026-41080 Affected Packages: firefox Note: This advisory is applicable to Amazon Linux 2 - Firefox Extra. Visit this page to learn more about Amazon Linux 2 AL2 Extra...

7.5CVSS5.8AI score0.00379EPSS
Exploits0
Amazon
Amazon
added 2026/05/26 12:0 a.m.10 views

Important: libreoffice

Issue Overview: NOTE: https://www.libreoffice.org/security/cve-2026-4430 NOTE: https://git.libreoffice.org/core/+/1ec3db717fa144ddff3e9b0a2338a82355cf365b CVE-2026-4430 Affected Packages: libreoffice Note: This advisory is applicable to Amazon Linux 2 - Libreoffice Extra. Visit this page to learn...

7.8CVSS5.8AI score0.00078EPSS
Exploits0
Amazon
Amazon
added 2026/05/26 12:0 a.m.15 views

Low: thunderbird

Issue Overview: libexpat before 2.7.6 uses insufficient entropy, and thus hash flooding can occur via a crafted XML document. CVE-2026-41080 Affected Packages: thunderbird Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL...

7.5CVSS5.8AI score0.00379EPSS
Exploits0
Amazon
Amazon
added 2026/05/26 12:0 a.m.16 views

Important: kernel-livepatch-5.10.252-250.992

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net: skbuff: propagate shared-frag marker through pskbcopy CVE-2026-46300 Affected Packages: kernel-livepatch-5.10.252-250.992 Issue Correction: Please ensure you have live patching enabled. Run yum update...

7.8CVSS5.8AI score0.03663EPSS
Exploits11
Amazon
Amazon
added 2026/05/26 12:0 a.m.9 views

Important: kernel-livepatch-5.10.253-251.1014

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net: skbuff: propagate shared-frag marker through pskbcopy CVE-2026-46300 Affected Packages: kernel-livepatch-5.10.253-251.1014 Issue Correction: Please ensure you have live patching enabled. Run yum update...

7.8CVSS5.8AI score0.03663EPSS
Exploits11
Amazon
Amazon
added 2026/05/26 12:0 a.m.15 views

Important: kernel-livepatch-5.10.252-250.1016

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net: skbuff: propagate shared-frag marker through pskbcopy CVE-2026-46300 Affected Packages: kernel-livepatch-5.10.252-250.1016 Issue Correction: Please ensure you have live patching enabled. Run yum update...

7.8CVSS5.8AI score0.03663EPSS
Exploits11
Amazon
Amazon
added 2026/05/26 12:0 a.m.16 views

Important: kernel-livepatch-6.1.166-197.305

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net: skbuff: propagate shared-frag marker through pskbcopy CVE-2026-46300 Affected Packages: kernel-livepatch-6.1.166-197.305 Issue Correction: Please ensure you have live patching enabled. Run dnf update...

7.8CVSS6AI score0.03663EPSS
Exploits11
Amazon
Amazon
added 2026/05/26 12:0 a.m.10 views

Important: kernel-livepatch-6.1.168-202.320

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net: skbuff: propagate shared-frag marker through pskbcopy CVE-2026-46300 Affected Packages: kernel-livepatch-6.1.168-202.320 Issue Correction: Please ensure you have live patching enabled. Run dnf update...

7.8CVSS6AI score0.03663EPSS
Exploits11
Amazon
Amazon
added 2026/05/26 12:0 a.m.15 views

Important: kernel-livepatch-6.1.168-203.330

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net: skbuff: propagate shared-frag marker through pskbcopy CVE-2026-46300 Affected Packages: kernel-livepatch-6.1.168-203.330 Issue Correction: Please ensure you have live patching enabled. Run dnf update...

7.8CVSS6AI score0.03663EPSS
Exploits11
Amazon
Amazon
added 2026/05/26 12:0 a.m.20 views

Important: kernel-livepatch-6.12.83-111.159

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net: skbuff: propagate shared-frag marker through pskbcopy CVE-2026-46300 Affected Packages: kernel-livepatch-6.12.83-111.159 Issue Correction: Please ensure you have live patching enabled. Run dnf update...

7.8CVSS6AI score0.03663EPSS
Exploits11
Amazon
Amazon
added 2026/05/26 12:0 a.m.13 views

Important: kernel-livepatch-6.12.77-99.140

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net: skbuff: propagate shared-frag marker through pskbcopy CVE-2026-46300 Affected Packages: kernel-livepatch-6.12.77-99.140 Issue Correction: Please ensure you have live patching enabled. Run dnf update...

7.8CVSS6AI score0.03663EPSS
Exploits11
Amazon
Amazon
added 2026/05/26 12:0 a.m.10 views

Important: kernel-livepatch-6.12.74-98.124

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net: skbuff: propagate shared-frag marker through pskbcopy CVE-2026-46300 Affected Packages: kernel-livepatch-6.12.74-98.124 Issue Correction: Please ensure you have live patching enabled. Run dnf update...

7.8CVSS6AI score0.03663EPSS
Exploits11
Amazon
Amazon
added 2026/05/26 12:0 a.m.11 views

Important: kernel-livepatch-6.18.16-18.222

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net: skbuff: propagate shared-frag marker through pskbcopy CVE-2026-46300 Affected Packages: kernel-livepatch-6.18.16-18.222 Issue Correction: Please ensure you have live patching enabled. Run dnf update...

7.8CVSS6AI score0.03663EPSS
Exploits11
Amazon
Amazon
added 2026/05/26 12:0 a.m.15 views

Important: kernel-livepatch-6.12.73-95.123

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net: skbuff: propagate shared-frag marker through pskbcopy CVE-2026-46300 Affected Packages: kernel-livepatch-6.12.73-95.123 Issue Correction: Please ensure you have live patching enabled. Run dnf update...

7.8CVSS6AI score0.03663EPSS
Exploits11
Amazon
Amazon
added 2026/05/26 12:0 a.m.14 views

Important: kernel-livepatch-6.18.15-14.217

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net: skbuff: propagate shared-frag marker through pskbcopy CVE-2026-46300 Affected Packages: kernel-livepatch-6.18.15-14.217 Issue Correction: Please ensure you have live patching enabled. Run dnf update...

7.8CVSS6AI score0.03663EPSS
Exploits11
Amazon
Amazon
added 2026/05/26 12:0 a.m.16 views

Important: kernel-livepatch-5.10.253-252.1015

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net: skbuff: propagate shared-frag marker through pskbcopy CVE-2026-46300 Affected Packages: kernel-livepatch-5.10.253-252.1015 Issue Correction: Please ensure you have live patching enabled. Run yum update...

7.8CVSS5.8AI score0.03663EPSS
Exploits11
Amazon
Amazon
added 2026/05/26 12:0 a.m.15 views

Important: kernel-livepatch-5.10.252-250.1005

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net: skbuff: propagate shared-frag marker through pskbcopy CVE-2026-46300 Affected Packages: kernel-livepatch-5.10.252-250.1005 Issue Correction: Please ensure you have live patching enabled. Run yum update...

7.8CVSS5.8AI score0.03663EPSS
Exploits11
Amazon
Amazon
added 2026/05/26 12:0 a.m.13 views

Important: kernel-livepatch-5.10.251-248.983

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net: skbuff: propagate shared-frag marker through pskbcopy CVE-2026-46300 Affected Packages: kernel-livepatch-5.10.251-248.983 Issue Correction: Please ensure you have live patching enabled. Run yum update...

7.8CVSS5.8AI score0.03663EPSS
Exploits11
Amazon
Amazon
added 2026/05/26 12:0 a.m.16 views

Important: kernel-livepatch-6.1.164-196.303

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net: skbuff: propagate shared-frag marker through pskbcopy CVE-2026-46300 Affected Packages: kernel-livepatch-6.1.164-196.303 Issue Correction: Please ensure you have live patching enabled. Run dnf update...

7.8CVSS6AI score0.03663EPSS
Exploits11
Amazon
Amazon
added 2026/05/26 12:0 a.m.17 views

Important: kernel-livepatch-6.1.163-186.299

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net: skbuff: propagate shared-frag marker through pskbcopy CVE-2026-46300 Affected Packages: kernel-livepatch-6.1.163-186.299 Issue Correction: Please ensure you have live patching enabled. Run dnf update...

7.8CVSS6AI score0.03663EPSS
Exploits11
Amazon
Amazon
added 2026/05/26 12:0 a.m.12 views

Important: kernel-livepatch-6.1.170-210.320

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net: skbuff: propagate shared-frag marker through pskbcopy CVE-2026-46300 Affected Packages: kernel-livepatch-6.1.170-210.320 Issue Correction: Please ensure you have live patching enabled. Run dnf update...

7.8CVSS6AI score0.03663EPSS
Exploits11
Amazon
Amazon
added 2026/05/26 12:0 a.m.17 views

Important: kernel-livepatch-6.12.80-105.147

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net: skbuff: propagate shared-frag marker through pskbcopy CVE-2026-46300 Affected Packages: kernel-livepatch-6.12.80-105.147 Issue Correction: Please ensure you have live patching enabled. Run dnf update...

7.8CVSS6AI score0.03663EPSS
Exploits11
Amazon
Amazon
added 2026/05/26 12:0 a.m.21 views

Important: kernel-livepatch-6.1.170-208.319

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net: skbuff: propagate shared-frag marker through pskbcopy CVE-2026-46300 Affected Packages: kernel-livepatch-6.1.170-208.319 Issue Correction: Please ensure you have live patching enabled. Run dnf update...

7.8CVSS6AI score0.03663EPSS
Exploits11
Amazon
Amazon
added 2026/05/26 12:0 a.m.17 views

Important: kernel-livepatch-6.12.80-106.156

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net: skbuff: propagate shared-frag marker through pskbcopy CVE-2026-46300 Affected Packages: kernel-livepatch-6.12.80-106.156 Issue Correction: Please ensure you have live patching enabled. Run dnf update...

7.8CVSS6AI score0.03663EPSS
Exploits11
Amazon
Amazon
added 2026/05/26 12:0 a.m.12 views

Important: kernel-livepatch-6.18.25-52.107

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net: skbuff: propagate shared-frag marker through pskbcopy CVE-2026-46300 Affected Packages: kernel-livepatch-6.18.25-52.107 Issue Correction: Please ensure you have live patching enabled. Run dnf update...

7.8CVSS6AI score0.03663EPSS
Exploits11
Amazon
Amazon
added 2026/05/26 12:0 a.m.15 views

Important: kernel-livepatch-6.18.20-20.229

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net: skbuff: propagate shared-frag marker through pskbcopy CVE-2026-46300 Affected Packages: kernel-livepatch-6.18.20-20.229 Issue Correction: Please ensure you have live patching enabled. Run dnf update...

7.8CVSS6AI score0.03663EPSS
Exploits11
Amazon
Amazon
added 2026/05/26 12:0 a.m.18 views

Important: kernel-livepatch-6.18.25-55.108

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net: skbuff: propagate shared-frag marker through pskbcopy CVE-2026-46300 Affected Packages: kernel-livepatch-6.18.25-55.108 Issue Correction: Please ensure you have live patching enabled. Run dnf update...

7.8CVSS6AI score0.03663EPSS
Exploits11
Amazon
Amazon
added 2026/05/26 12:0 a.m.13 views

Important: kernel-livepatch-6.18.20-41.237

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net: skbuff: propagate shared-frag marker through pskbcopy CVE-2026-46300 Affected Packages: kernel-livepatch-6.18.20-41.237 Issue Correction: Please ensure you have live patching enabled. Run dnf update...

7.8CVSS6AI score0.03663EPSS
Exploits11
Amazon
Amazon
added 2026/05/26 12:0 a.m.13 views

Important: kernel-livepatch-6.18.8-9.213

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net: skbuff: propagate shared-frag marker through pskbcopy CVE-2026-46300 Affected Packages: kernel-livepatch-6.18.8-9.213 Issue Correction: Please ensure you have live patching enabled. Run dnf update...

7.8CVSS6AI score0.03663EPSS
Exploits11
Amazon
Amazon
added 2026/05/26 12:0 a.m.15 views

Medium: ImageMagick

Issue Overview: Stack buffer overflow in XTileImage CVE-2026-42050 Affected Packages: ImageMagick Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories. Issue Correction: Run yum update...

5.5CVSS6AI score0.0013EPSS
Exploits0
Amazon
Amazon
added 2026/05/26 12:0 a.m.13 views

Medium: openssh

Issue Overview: OpenSSH before 10.3 omits connection multiplexing confirmation for proxy-mode multiplexing sessions. CVE-2026-35388 OpenSSH before 10.3 mishandles the authorizedkeys principals option in uncommon scenarios involving a principals list in conjunction with a Certificate Authority tha...

8.1CVSS5.7AI score0.00176EPSS
Exploits0
Amazon
Amazon
added 2026/05/26 12:0 a.m.12 views

Important: python-twisted

Issue Overview: The twisted.names module is vulnerable to a Denial of Service DoS attack via resource exhaustion during DNS name decompression. A remote, unauthenticated attacker can exploit this by sending a crafted TCP DNS packet containing deeply chained compression pointers. This flaw bypasse...

7.5CVSS5.8AI score0.00433EPSS
Exploits1
Amazon
Amazon
added 2026/05/26 12:0 a.m.17 views

Important: kernel-livepatch-6.12.79-101.147

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net: skbuff: propagate shared-frag marker through pskbcopy CVE-2026-46300 Affected Packages: kernel-livepatch-6.12.79-101.147 Issue Correction: Please ensure you have live patching enabled. Run dnf update...

7.8CVSS6AI score0.03663EPSS
Exploits11
Amazon
Amazon
added 2026/05/26 12:0 a.m.10 views

Important: php

Issue Overview: In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, the SOAP extension's object deduplication mechanism stores pointers to PHP objects in a global map without incrementing their reference counts. When an apache:Map node contains...

9.8CVSS6.1AI score0.00686EPSS
Exploits0
Amazon
Amazon
added 2026/05/26 12:0 a.m.13 views

Important: php8.3

Issue Overview: In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, the SOAP extension's object deduplication mechanism stores pointers to PHP objects in a global map without incrementing their reference counts. When an apache:Map node contains...

9.8CVSS6.4AI score0.0076EPSS
Exploits1
Amazon
Amazon
added 2026/05/26 12:0 a.m.9 views

Important: php8.5

Issue Overview: uriparser before 1.0.1 has numeric truncation in text range comparison, if an application accepts URIs with a length in gigabytes. CVE-2026-42371 In uriparser before 1.0.2, there is pointer difference truncation to int in various places. CVE-2026-44927 In uriparser before 1.0.2, t...

9.8CVSS6.4AI score0.0076EPSS
Exploits1
Amazon
Amazon
added 2026/05/26 12:0 a.m.11 views

Important: php8.2

Issue Overview: In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, the SOAP extension's object deduplication mechanism stores pointers to PHP objects in a global map without incrementing their reference counts. When an apache:Map node contains...

9.8CVSS6.4AI score0.0076EPSS
Exploits1
Amazon
Amazon
added 2026/05/26 12:0 a.m.15 views

Important: php

Issue Overview: In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, the SOAP extension's object deduplication mechanism stores pointers to PHP objects in a global map without incrementing their reference counts. When an apache:Map node contains...

9.8CVSS6.5AI score0.0076EPSS
Exploits1
Amazon
Amazon
added 2026/05/26 12:0 a.m.13 views

Important: php8.4

Issue Overview: Global buffer over-read in mbconvertencoding with attacker-supplied encoding CVE-2026-6104 In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, the SOAP extension's object deduplication mechanism stores pointers to PHP objects in a...

9.8CVSS6.5AI score0.0076EPSS
Exploits1
Amazon
Amazon
added 2026/05/26 12:0 a.m.16 views

Medium: libsoup

Issue Overview: OOB Read via Integer Overflow on libsoup through libsoup/websocket/soup-websocket-connection.c via processframe leads to Undefined Behavior CVE-2026-0716 A flaw was found in libsoup, an HTTP client library. This vulnerability, known as CRLF Carriage Return Line Feed Injection,...

8.6CVSS7.3AI score0.00947EPSS
Exploits2
Amazon
Amazon
added 2026/05/26 12:0 a.m.17 views

Medium: openssh

Issue Overview: Vulnerability in the OpenSSH GSSAPI delta included in various Linux distributions. This vulnerability affects the GSSAPI patches added by various Linux distributions and does not affect the OpenSSH upstream project itself. The usage of sshpktdisconnect on an error, which does not...

8.1CVSS7.1AI score0.0218EPSS
Exploits0
Amazon
Amazon
added 2026/05/26 12:0 a.m.14 views

Important: openexr

Issue Overview: OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From versions 3.0.0 to before 3.2.9, 3.3.0 to before 3.3.11, and 3.4.0 to before 3.4.11, there is an integer overflow in...

9.8CVSS5.8AI score0.00393EPSS
Exploits3
Amazon
Amazon
added 2026/05/26 12:0 a.m.19 views

Important: kernel6.18

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Drop/zap existing present SPTE even when creating an MMIO SPTE CVE-2026-23401 In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Only WARN in direct MMUs when overwriti...

9.8CVSS6.2AI score0.00469EPSS
Exploits3
Amazon
Amazon
added 2026/05/26 12:0 a.m.18 views

Important: unbound

Issue Overview: NLnet Labs Unbound 1.19.1 up to and including version 1.25.0 has a vulnerability in the DNSSEC validator that enables denial of service and possible remote code execution as a result of deep copying a data structure and erroneously overwriting a destination pointer. An adversary c...

10CVSS6.6AI score0.01272EPSS
Exploits0
Amazon
Amazon
added 2026/05/26 12:0 a.m.11 views

Important: gnutls

Issue Overview: GnuTLS didn't check that DTLS fragments claimed a consistent messagelength value. Additionally, a crucial array size check was missing, enabling an attacker to cause a heap overwrite. CVE-2026-33846 A flaw was found in gnutls. This vulnerability occurs because gnutls performs...

9.8CVSS5.8AI score0.01335EPSS
Exploits1
Amazon
Amazon
added 2026/05/26 12:0 a.m.21 views

Important: kernel-livepatch-6.12.83-113.160

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags "Dirty Frag" and other issues in Amazon Linux kernels: https://aws.amazon.com/security/security-bulletins/2026-027-aws/ CVE-2026-43284 In the Linux kernel, the...

8.8CVSS6AI score0.93235EPSS
Exploits42
Total number of security vulnerabilities8850