CVE-2025-27144 |
Description:
Nessus Plugin ID 234511 with High Severity
Synopsis
The remote Amazon Linux 2 host is missing a security update.
Description
The version of containerd installed on the remote host is prior to 1.7.27-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2NITRO-ENCLAVES-2025-052 advisory. Go JOSE provides an implementation of the JavaScript Object Signing and Encryption set of standards in Go, including support for JSON Web Encryption (JWE), JSON Web Signature (JWS), and JSON Web Token (JWT) standards. In versions on the 4.x branch prior to version 4.0.5, when parsing compact JWS or JWE input, Go JOSE could use excessive memory. The code used `strings.Split(token, ".")` to split JWT tokens, which is vulnerable to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters. An attacker could exploit this by sending numerous malformed tokens, leading to memory exhaustion and a Denial of Service. Version 4.0.5 fixes this issue. As a workaround, applications could pre-validate that payloads passed to Go JOSE do not contain an excessive number of `.` characters. (CVE-2025-27144) Tenable has extracted the preceding description block directly from the tested product security advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
Solution
Run 'yum update container...
CVSS: MEDIUM (6.6)
April 17th, 2025 (4 days ago)
|
CVE-2025-22871 |
Description:
Nessus Plugin ID 234512 with Critical Severity
Synopsis
The remote Amazon Linux 2 host is missing a security update.
Description
The version of golang installed on the remote host is prior to 1.23.8-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2825 advisory. The net/http package accepted data in the chunked transfer encoding containing an invalid chunk-size line terminated by a bare LF. When used in conjunction with a server or proxy which incorrectly interprets a bare LF in a chunk extension as part of the extension, this could permit request smuggling. (CVE-2025-22871) Tenable has extracted the preceding description block directly from the tested product security advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
Solution
Run 'yum update golang' to update your system.
Read more at https://www.tenable.com/plugins/nessus/234512
EPSS Score: 0.02%
April 17th, 2025 (4 days ago)
|
CVE-2017-9226 |
Description:
Nessus Plugin ID 234513 with Critical Severity
Synopsis
The remote Amazon Linux 2 host is missing a security update.
Description
The version of php installed on the remote host is prior to 5.4.16-46. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2832 advisory. An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A heap out-of-bounds write or read occurs in next_state_val() during regular expression compilation. Octal numbers larger than 0xff are not handled correctly in fetch_token() and fetch_token_in_cc(). A malformed regular expression containing an octal number in the form of '\700' would produce an invalid code point value larger than 0xff in next_state_val(), resulting in an out-of-bounds write memory corruption. (CVE-2017-9226) A flaw was found in PHP. This issue occurs due to an uncaught integer overflow in PDO::quote() of PDO_SQLite returning an improperly quoted string. With the implementation of sqlite3_snprintf(), it is possible to force the function to return a single apostrophe if the function is called on user-supplied input without any length restrictions in place. (CVE-2022-31631) In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, the core path resolution function allocates a buffer one byte too small. When resolving paths with lengths close to system MAXP...
April 17th, 2025 (4 days ago)
|
CVE-2025-27363 |
🚨 Marked as known exploited on April 17th, 2025 (4 days ago).
Description:
Nessus Plugin ID 234514 with High Severity
Synopsis
The remote Amazon Linux 2023 host is missing a security update.
Description
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-925 advisory. An out of bounds write exists in FreeType versions 2.13.0 and below when attempting to parse font subglyph structures related to TrueType GX and variable font files. The vulnerable code assigns a signed short value to an unsigned long and then adds a static value causing it to wrap around and allocate too small of a heap buffer. The code then writes up to 6 signed long integers out of bounds relative to this buffer. This may result in arbitrary code execution. This vulnerability may have been exploited in the wild. (CVE-2025-27363) Tenable has extracted the preceding description block directly from the tested product security advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
Solution
Run 'dnf update freetype --releasever 2023.7.20250331' to update your system.
Read more at https://www.tenable.com/plugins/nessus/234514
CVSS: HIGH (8.1)
April 17th, 2025 (4 days ago)
|
CVE-2022-49179 |
Description:
Nessus Plugin ID 234515 with High Severity
Synopsis
The remote Amazon Linux 2 host is missing a security update.
Description
The version of kernel installed on the remote host is prior to 4.14.355-276.618. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2826 advisory. In the Linux kernel, the following vulnerability has been resolved: block, bfq: don't move oom_bfqq (CVE-2022-49179) In the Linux kernel, the following vulnerability has been resolved: macsec: fix UAF bug for real_dev (CVE-2022-49390) In the Linux kernel, the following vulnerability has been resolved: block: Fix handling of offline queues in blk_mq_alloc_request_hctx() (CVE-2022-49720) In the Linux kernel, the following vulnerability has been resolved: ext4: aovid use-after-free in ext4_ext_insert_extent() (CVE-2024-49883) In the Linux kernel, the following vulnerability has been resolved: slip: make slhc_remember() more robust against malicious packets (CVE-2024-50033) In the Linux kernel, the following vulnerability has been resolved: net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT (CVE-2024-53057) In the Linux kernel, the following vulnerability has been resolved: hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer (CVE-2024-53103) In the Linux kernel, the following vulnerability has been resolved: netfilter: x_tables: fix LED ID check in led_tg_check() (CVE-2024-5...
April 17th, 2025 (4 days ago)
|
CVE-2025-2295 |
Description:
Nessus Plugin ID 234516 with Low Severity
Synopsis
The remote Amazon Linux 2 host is missing a security update.
Description
It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2824 advisory. EDK2 contains a vulnerability in BIOS where a user may cause an Integer Overflow or Wraparound by network means. A successful exploitation of this vulnerability may lead to denial of service. (CVE-2025-2295) Tenable has extracted the preceding description block directly from the tested product security advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
Solution
Run 'yum update edk2' to update your system.
Read more at https://www.tenable.com/plugins/nessus/234516
CVSS: LOW (3.5)
April 17th, 2025 (4 days ago)
|
CVE-2024-55549 |
Description:
Nessus Plugin ID 234517 with High Severity
Synopsis
The remote Amazon Linux 2 host is missing a security update.
Description
The version of libxslt installed on the remote host is prior to 1.1.28-6. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2823 advisory. xsltGetInheritedNsList in libxslt before 1.1.43 has a use-after-free issue related to exclusion of result prefixes. (CVE-2024-55549) numbers.c in libxslt before 1.1.43 has a use-after-free because, in nested XPath evaluations, an XPath context node can be modified but never restored. This is related to xsltNumberFormatGetValue, xsltEvalXPathPredicate, xsltEvalXPathStringNs, and xsltComputeSortResultInternal. (CVE-2025-24855) Tenable has extracted the preceding description block directly from the tested product security advisory. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Run 'yum update libxslt' to update your system.
Read more at https://www.tenable.com/plugins/nessus/234517
CVSS: HIGH (7.8)
April 17th, 2025 (4 days ago)
|
CVE-2020-11879 |
Description:
Nessus Plugin ID 234518 with Medium Severity
Synopsis
The remote Amazon Linux 2 host is missing a security update.
Description
The version of evolution installed on the remote host is prior to 3.28.5-10. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2833 advisory. An issue was discovered in GNOME Evolution before 3.35.91. By using the proprietary (non-RFC6068) mailto?attach=... parameter, a website (or other source of mailto links) can make Evolution attach local files or directories to a composed email message without showing a warning to the user, as demonstrated by an attach=. value. (CVE-2020-11879) Tenable has extracted the preceding description block directly from the tested product security advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
Solution
Run 'yum update evolution' to update your system.
Read more at https://www.tenable.com/plugins/nessus/234518
April 17th, 2025 (4 days ago)
|
CVE-2025-27111 |
Description:
Nessus Plugin ID 234519 with Medium Severity
Synopsis
The remote Amazon Linux 2 host is missing a security update.
Description
The version of pcs installed on the remote host is prior to 0.9.169-3. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2822 advisory. Rack is a modular Ruby web server interface. The Rack::Sendfile middleware logs unsanitised header values from the X-Sendfile-Type header. An attacker can exploit this by injecting escape sequences (such as newline characters) into the header, resulting in log injection. This vulnerability is fixed in 2.2.12, 3.0.13, and 3.1.11. (CVE-2025-27111) Tenable has extracted the preceding description block directly from the tested product security advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
Solution
Run 'yum update pcs' to update your system.
Read more at https://www.tenable.com/plugins/nessus/234519
CVSS: MEDIUM (6.9)
April 17th, 2025 (4 days ago)
|
CVE-2024-54677 |
Description:
Nessus Plugin ID 234520 with High Severity
Synopsis
The remote Amazon Linux 2 host is missing a security update.
Description
The version of tomcat installed on the remote host is prior to 7.0.76-10. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2829 advisory. Uncontrolled Resource Consumption vulnerability in the examples web application provided with Apache Tomcat leads to denial of service. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.1, from 10.1.0-M1 through 10.1.33, from 9.0.0.M1 through 9.9.97. Users are recommended to upgrade to version 11.0.2, 10.1.34 or 9.0.98, which fixes the issue. (CVE-2024-54677) Tenable has extracted the preceding description block directly from the tested product security advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
Solution
Run 'yum update tomcat' to update your system.
Read more at https://www.tenable.com/plugins/nessus/234520
April 17th, 2025 (4 days ago)
|