Lucene search
K
AmazonRecent

8850 matches found

Amazon
Amazon
added 2023/12/04 12:0 a.m.5 views

Important: gstreamer1-plugins-bad-free

Issue Overview: gstreamer: AV1 codec parser heap-based buffer overflow CVE-2023-44429 gstreamer: MXF demuxer use-after-free vulnerability CVE-2023-44446 Affected Packages: gstreamer1-plugins-bad-free Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section f...

8.8CVSS7.5AI score0.02189EPSS
Exploits0
Amazon
Amazon
added 2023/12/04 12:0 a.m.5 views

Important: squid

Issue Overview: Squid is a caching proxy for the Web. Due to an Improper Validation of Specified Index bug, Squid versions 3.3.0.1 through 5.9 and 6.0 prior to 6.4 compiled using --with-openssl are vulnerable to a Denial of Service attack against SSL Certificate validation. This problem allows a...

8.6CVSS6.5AI score0.05955EPSS
Exploits0
Amazon
Amazon
added 2023/12/04 12:0 a.m.2 views

Medium: openssl11

Issue Overview: Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary: Applications that use the functions DHgeneratekey to generate an X9.42 DH key may experience long delays. Likewise, applications that...

5.3CVSS7.8AI score0.04459EPSS
Exploits0
Amazon
Amazon
added 2023/12/04 12:0 a.m.3 views

Medium: openssl

Issue Overview: Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary: Applications that use the functions DHgeneratekey to generate an X9.42 DH key may experience long delays. Likewise, applications that...

5.3CVSS7.8AI score0.04459EPSS
Exploits0
Amazon
Amazon
added 2023/12/04 12:0 a.m.3 views

Medium: openssl-snapsafe

Issue Overview: Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary: Applications that use the functions DHgeneratekey to generate an X9.42 DH key may experience long delays. Likewise, applications that...

5.3CVSS7.8AI score0.04459EPSS
Exploits0
Amazon
Amazon
added 2023/12/04 12:0 a.m.18 views

Medium: amazon-efs-utils

Issue Overview: efs-utils is a set of Utilities for Amazon Elastic File System EFS. A potential race condition issue exists within the Amazon EFS mount helper in efs-utils versions v1.34.3 and below. When using TLS to mount file systems, the mount helper allocates a local port for stunnel to...

4.2CVSS4.5AI score0.0059EPSS
Exploits0
Amazon
Amazon
added 2023/12/04 12:0 a.m.4 views

Important: kernel-livepatch-4.14.322-244.539

Issue Overview: An issue was discovered in drivers/net/ethernet/intel/igb/igbmain.c in the IGB driver in the Linux kernel before 6.5.3. A buffer size may not be adequate for frames larger than the MTU. CVE-2023-45871 Affected Packages: kernel-livepatch-4.14.322-244.539 Issue Correction: Please...

7.5CVSS7AI score0.00544EPSS
Exploits0
Amazon
Amazon
added 2023/12/04 12:0 a.m.30 views

Important: microcode_ctl

Issue Overview: An issue was found in redundant REX instruction prefix values affecting third generation Intel Xeon Scalable “Icelake“ processors. The issue may allow a local third-party actor using such instructions to cause a denial of service DOS or achieve privilege escalation. CVE-2023-23583...

8.8CVSS7AI score0.01728EPSS
Exploits0
Amazon
Amazon
added 2023/12/04 12:0 a.m.3 views

Medium: avahi

Issue Overview: A flaw was found in avahi in versions 0.6 up to 0.8. The event used to signal the termination of the client connection on the avahi Unix socket is not correctly handled in the clientwork function, allowing a local attacker to trigger an infinite loop. The highest threat from this...

5.5CVSS6.5AI score0.0045EPSS
Exploits0
Amazon
Amazon
added 2023/12/04 12:0 a.m.3 views

Important: xorg-x11-server

Issue Overview: A use-after-free flaw was found in xorg-x11-server-Xvfb. This issue occurs in Xvfb with a very specific and legacy configuration a multi-screen setup with multiple protocol screens, also known as Zaphod mode. If the pointer is warped from a screen 1 to a screen 0, a use-after-free...

7CVSS6.9AI score0.00536EPSS
Exploits0
Amazon
Amazon
added 2023/12/04 12:0 a.m.3 views

Important: libtiff

Issue Overview: An out-of-memory flaw was found in libtiff. Passing a crafted tiff file to TIFFOpen API may allow a remote attacker to cause a denial of service via a craft input with size smaller than 379 KB. CVE-2023-6277 Affected Packages: libtiff Note: This advisory is applicable to Amazon...

6.5CVSS6.7AI score0.01825EPSS
Exploits1
Amazon
Amazon
added 2023/12/04 12:0 a.m.5 views

Important: compat-libtiff3

Issue Overview: An out-of-memory flaw was found in libtiff. Passing a crafted tiff file to TIFFOpen API may allow a remote attacker to cause a denial of service via a craft input with size smaller than 379 KB. CVE-2023-6277 Affected Packages: compat-libtiff3 Note: This advisory is applicable to...

6.5CVSS6.7AI score0.01825EPSS
Exploits1
Amazon
Amazon
added 2023/12/04 12:0 a.m.4 views

Important: kernel-livepatch-5.10.192-183.736

Issue Overview: An issue was discovered in drivers/net/ethernet/intel/igb/igbmain.c in the IGB driver in the Linux kernel before 6.5.3. A buffer size may not be adequate for frames larger than the MTU. CVE-2023-45871 A use-after-free vulnerability in the Linux kernel's netfilter: nftables compone...

7.8CVSS6.8AI score0.00544EPSS
Exploits0
Amazon
Amazon
added 2023/12/04 12:0 a.m.9 views

Important: kernel-livepatch-5.10.192-182.736

Issue Overview: An issue was discovered in drivers/net/ethernet/intel/igb/igbmain.c in the IGB driver in the Linux kernel before 6.5.3. A buffer size may not be adequate for frames larger than the MTU. CVE-2023-45871 A use-after-free vulnerability in the Linux kernel's netfilter: nftables compone...

7.8CVSS6.8AI score0.00544EPSS
Exploits0
Amazon
Amazon
added 2023/12/04 12:0 a.m.10 views

Medium: virtuoso-opensource

Issue Overview: An issue in the libcmalloc component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service DoS via crafted SQL statements. CVE-2023-31607 An issue in the dfeunitcolloci component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Deni...

7.5CVSS7.6AI score0.00905EPSS
Exploits19
Amazon
Amazon
added 2023/12/04 12:0 a.m.4 views

Medium: python-wheel

Issue Overview: An issue discovered in Python Packaging Authority PyPA Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli. CVE-2022-40898 Affected Packages: python-wheel Note: This advisory is applicable to Amazon Linux 2 AL2...

7.5CVSS6.9AI score0.02659EPSS
Exploits1
Amazon
Amazon
added 2023/12/04 12:0 a.m.4 views

Low: vim

Issue Overview: Vim is an open source command line text editor. When closing a window, vim may try to access already freed window structure. Exploitation beyond crashing the application has not been shown to be viable. This issue has been addressed in commit 25aabc2b which has been included in...

4.3CVSS6.9AI score0.00749EPSS
Exploits0
Amazon
Amazon
added 2023/12/04 12:0 a.m.31 views

Important: xorg-x11-server

Issue Overview: A out-of-bounds write flaw was found in the xorg-x11-server. This issue occurs due to an incorrect calculation of a buffer offset when copying data stored in the heap in the XIChangeDeviceProperty function in Xi/xiproperty.c and in RRChangeOutputProperty function in...

7.8CVSS7.4AI score0.00715EPSS
Exploits0
Amazon
Amazon
added 2023/12/04 12:0 a.m.3 views

Important: kernel-livepatch-4.14.322-246.539

Issue Overview: An issue was discovered in drivers/net/ethernet/intel/igb/igbmain.c in the IGB driver in the Linux kernel before 6.5.3. A buffer size may not be adequate for frames larger than the MTU. CVE-2023-45871 Affected Packages: kernel-livepatch-4.14.322-246.539 Issue Correction: Please...

7.5CVSS7AI score0.00544EPSS
Exploits0
Amazon
Amazon
added 2023/12/04 12:0 a.m.2 views

Medium: mailman

Issue Overview: In GNU Mailman before 2.1.36, a crafted URL to the Cgi/options.py user options page can execute arbitrary JavaScript for XSS. CVE-2021-43331 In GNU Mailman before 2.1.36, the CSRF token for the Cgi/admindb.py admindb page contains an encrypted version of the list admin password...

6.5CVSS7.2AI score0.01284EPSS
Exploits0
Amazon
Amazon
added 2023/12/04 12:0 a.m.47 views

Important: kernel

Issue Overview: A race condition between two functions, lmLogClose and txEnd, in the Linux kernel's JFS filesystem can lead to a use-after-free vulnerability and crash. CVE-2023-3397 A flaw in the kernel Xen event handler can cause a deadlock with Xen console handling in unprivileged Xen guests...

7.8CVSS7AI score0.00888EPSS
Exploits1
Amazon
Amazon
added 2023/12/04 12:0 a.m.5 views

Low: uriparser

Issue Overview: An issue was discovered in uriparser before 0.9.6. It performs invalid free operations in uriNormalizeSyntax. CVE-2021-46142 Affected Packages: uriparser Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2...

5.5CVSS7.1AI score0.01095EPSS
Exploits1
Amazon
Amazon
added 2023/12/04 12:0 a.m.2 views

Medium: jettison

Issue Overview: Those using Jettison to parse untrusted XML or JSON data may be vulnerable to Denial of Service attacks DOS. If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow. This effect may support a denial of servic...

7.5CVSS9.3AI score0.01287EPSS
Exploits0
Amazon
Amazon
added 2023/12/04 12:0 a.m.8 views

Important: php

Issue Overview: An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A heap out-of-bounds write occurs in bitsetsetrange during regular expression compilation due to an uninitialized variable from an incorrect state...

9.8CVSS8.2AI score0.06261EPSS
Exploits3
Amazon
Amazon
added 2023/12/04 12:0 a.m.3 views

Medium: net-snmp

Issue Overview: A flaw was found in net-snmp. A buffer overflow in the handling of the INDEX of NET-SNMP-VACM-MIB can cause an out-of-bounds memory access issue. CVE-2022-24805 A flaw was found in net-snmp. This issue occurs due to improper input validation when simultaneously setting malformed...

8.8CVSS7.2AI score0.01299EPSS
Exploits0
Amazon
Amazon
added 2023/12/04 12:0 a.m.6 views

Low: advancecomp

Issue Overview: advancecomp has a segmentation fault on invalid MNG size CVE-2023-2961 Affected Packages: advancecomp Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories. Issue Correction: Ru...

3.3CVSS7AI score0.0019EPSS
Exploits0
Amazon
Amazon
added 2023/12/04 12:0 a.m.4 views

Medium: dovecot

Issue Overview: An issue was discovered in the auth component in Dovecot 2.2 and 2.3 before 2.3.20. When two passdb configuration entries exist with the same driver and args settings, incorrect usernamefilter and mechanism settings can be applied to passdb definitions. These incorrectly applied...

8.8CVSS7.1AI score0.01748EPSS
Exploits1
Amazon
Amazon
added 2023/12/04 12:0 a.m.5 views

Medium: indent

Issue Overview: GNU indent 2.2.13 has a heap-based buffer overflow in searchbrace in indent.c via a crafted file. CVE-2023-40305 Affected Packages: indent Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2...

5.5CVSS7.4AI score0.00424EPSS
Exploits1
Amazon
Amazon
added 2023/12/04 12:0 a.m.4 views

Medium: python-pip

Issue Overview: When installing a package from a Mercurial VCS URL ie "pip install hg+..." with pip prior to v23.3, the specified Mercurial revision could be used to inject arbitrary configuration options to the "hg clone" call ie "--config". Controlling the Mercurial configuration can modify how...

5.5CVSS6.8AI score0.00476EPSS
Exploits0
Amazon
Amazon
added 2023/12/04 12:0 a.m.45 views

Low: containerd

Issue Overview: Containerd is not affected by CVE-2023-39325. While it contains the affected module, it does not use it in a way that exposes users to CVE-2023-39325. Affected Packages: containerd Issue Correction: Run yum update containerd or yum update --advisory ALAS-2023-1888 to update your...

7.5CVSS6.9AI score0.03796EPSS
Exploits0
Amazon
Amazon
added 2023/12/04 12:0 a.m.3 views

Medium: samba

Issue Overview: When doing NTLM authentication, the client sends replies to cryptographic challenges back to the server. These replies have variable length. Winbind did not properly bounds-check the lan manager response length, which despite the lan manager version no longer being used is still...

6.5CVSS7.1AI score0.0153EPSS
Exploits0
Amazon
Amazon
added 2023/11/16 12:0 a.m.4 views

Medium: containerd

Issue Overview: containerd is an open source container runtime with an emphasis on simplicity, robustness and portability. A bug was found in containerd where container root directories and some plugins had insufficiently restricted permissions, allowing otherwise unprivileged Linux users to...

7.8CVSS7AI score0.00482EPSS
Exploits0
Amazon
Amazon
added 2023/11/16 12:0 a.m.4 views

Medium: containerd

Issue Overview: A flaw was found in containerd. Access controls for the shim API socket verified that a connecting process had an effective UID of 0, but otherwise did not restrict access to the abstract Unix domain socket. This could allow malicious containers running in the same network namespa...

5.2CVSS6.8AI score0.03236EPSS
Exploits4
Amazon
Amazon
added 2023/11/16 12:0 a.m.4 views

Medium: containerd

Issue Overview: In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error. CVE-2022-27664 Affected Packages: containerd Note: This advisory is applicable to...

7.5CVSS6.9AI score0.02513EPSS
Exploits0
Amazon
Amazon
added 2023/11/16 12:0 a.m.5 views

Medium: containerd

Issue Overview: In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error. CVE-2022-27664 Affected Packages: containerd Note: This advisory is applicable to...

7.5CVSS6.9AI score0.02513EPSS
Exploits0
Amazon
Amazon
added 2023/11/16 12:0 a.m.8 views

Important: kernel

Issue Overview: An issue was discovered in the Linux kernel before 6.5.9, exploitable by local users with userspace access to MMIO registers. Incorrect access checking in the VC handler and instruction emulation of the SEV-ES emulation of MMIO accesses could lead to arbitrary write access to kern...

7.8CVSS6.5AI score0.00856EPSS
Exploits0
Amazon
Amazon
added 2023/11/16 12:0 a.m.2 views

Medium: containerd

Issue Overview: A flaw was found in Moby Docker Engine, where containers were started incorrectly with non-empty inheritable Linux process capabilities. This flaw allows an attacker with access to programs with inheritable file capabilities to elevate those capabilities to the permitted set when...

5.9CVSS6.9AI score0.00492EPSS
Exploits0
Amazon
Amazon
added 2023/11/16 12:0 a.m.12 views

Important: kernel

Issue Overview: A race condition between two functions, lmLogClose and txEnd, in the Linux kernel's JFS filesystem can lead to a use-after-free vulnerability and crash. CVE-2023-3397 An issue was discovered in the Linux kernel before 6.5.9, exploitable by local users with userspace access to MMIO...

7.8CVSS6.5AI score0.00856EPSS
Exploits0
Amazon
Amazon
added 2023/11/16 12:0 a.m.4 views

Important: kernel

Issue Overview: A race condition between two functions, lmLogClose and txEnd, in the Linux kernel's JFS filesystem can lead to a use-after-free vulnerability and crash. CVE-2023-3397 In the Linux kernel, the following vulnerability has been resolved: usb: hub: Guard against accesses to...

7.8CVSS6.5AI score0.00856EPSS
Exploits0
Amazon
Amazon
added 2023/11/16 12:0 a.m.4 views

Medium: containerd

Issue Overview: The OCI Distribution Spec project defines an API protocol to facilitate and standardize the distribution of content. In the OCI Image Specification, the manifest and index documents were not self-describing and documents with a single digest could be interpreted as either a manife...

5CVSS6.9AI score0.02085EPSS
Exploits0
Amazon
Amazon
added 2023/11/16 12:0 a.m.5 views

Medium: docker

Issue Overview: The OCI Distribution Spec project defines an API protocol to facilitate and standardize the distribution of content. In the OCI Image Specification, the manifest and index documents were not self-describing and documents with a single digest could be interpreted as either a manife...

5CVSS6.9AI score0.02085EPSS
Exploits0
Amazon
Amazon
added 2023/11/16 12:0 a.m.6 views

Medium: containerd

Issue Overview: A flaw was found in containerd where pulling and extracting a specially-crafted container image can result in Unix file permission changes for existing files in the host's filesystem. Changes to file permissions can deny access to the expected owner of the file, widen access to...

6.8CVSS6.7AI score0.01608EPSS
Exploits2
Amazon
Amazon
added 2023/11/16 12:0 a.m.3 views

Medium: containerd

Issue Overview: A bug was found in containerd where containers launched through containerd's CRI implementation with a specially-crafted image configuration could gain access to read-only copies of arbitrary files and directories on the host. This may bypass any policy-based enforcement on...

7.5CVSS7AI score0.27392EPSS
Exploits4
Amazon
Amazon
added 2023/11/16 12:0 a.m.4 views

Important: firefox

Issue Overview: A potential use-after-free vulnerability existed in SVG Images if the Refresh Driver was destroyed at an inopportune time. This could have lead to memory corruption or a potentially exploitable crash. Note: This advisory was added on December 13th, 2022 after discovering it was...

9.8CVSS8.5AI score0.0162EPSS
Exploits2
Amazon
Amazon
added 2023/11/15 12:0 a.m.4 views

Medium: re2c

Issue Overview: A stack overflow re2c 2.2 exists due to infinite recursion issues in src/dfa/deadrules.cc. CVE-2022-23901 Affected Packages: re2c Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras...

9.8CVSS7.3AI score0.01563EPSS
Exploits1
Amazon
Amazon
added 2023/11/15 12:0 a.m.3 views

Important: microcode_ctl

Issue Overview: An issue was found in redundant REX instruction prefix values affecting third generation Intel Xeon Scalable “Icelake“ processors. The issue may allow a local third-party actor using such instructions to cause a denial of service DOS or achieve privilege escalation. CVE-2023-23583...

8.8CVSS6.5AI score0.01728EPSS
Exploits0
Amazon
Amazon
added 2023/11/15 12:0 a.m.5 views

Medium: qemu

Issue Overview: A bug in QEMU could cause a guest I/O operation otherwise addressed to an arbitrary disk offset to be targeted to offset 0 instead potentially overwriting the VM's boot code. This could be used, for example, by L2 guests with a virtual disk vdiskL2 stored on a virtual disk of an L...

7CVSS6.8AI score0.00231EPSS
Exploits0
Amazon
Amazon
added 2023/11/15 12:0 a.m.3 views

Important: nerdctl

Issue Overview: The HTTP/2 protocol allows a denial of service server resource consumption because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. CVE-2023-39325 Text nodes not in the HTML namespace are incorrectly literally rendered,...

7.5CVSS6.2AI score0.03796EPSS
Exploits0
Amazon
Amazon
added 2023/11/15 12:0 a.m.2 views

Important: xorg-x11-server

Issue Overview: A out-of-bounds write flaw was found in the xorg-x11-server. This issue occurs due to an incorrect calculation of a buffer offset when copying data stored in the heap in the XIChangeDeviceProperty function in Xi/xiproperty.c and in RRChangeOutputProperty function in...

7.8CVSS7.2AI score0.00715EPSS
Exploits0
Amazon
Amazon
added 2023/11/15 12:0 a.m.6 views

Medium: amazon-efs-utils

Issue Overview: efs-utils is a set of Utilities for Amazon Elastic File System EFS. A potential race condition issue exists within the Amazon EFS mount helper in efs-utils versions v1.34.3 and below. When using TLS to mount file systems, the mount helper allocates a local port for stunnel to...

4.2CVSS6.5AI score0.0059EPSS
Exploits0
Total number of security vulnerabilities8850