| expat |
CVE-2025-59375 |
高危 |
2.5.0-5.el9_6 |
2.5.0-5.el9_7.1 |
firefox: thunderbird: expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-59375
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2025-09-15 03:15 修改: 2026-06-17 09:46
|
| expat |
CVE-2026-45186 |
高危 |
2.5.0-5.el9_6 |
2.5.0-6.el9_8.1 |
libexpat: denial of service via crafted XML input
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45186
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2026-05-10 07:16 修改: 2026-06-30 03:20
|
| gnupg2 |
CVE-2025-68973 |
高危 |
2.3.3-4.el9 |
2.3.3-5.el9_7 |
GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68973
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2025-12-28 17:16 修改: 2026-06-17 09:59
|
| gnutls |
CVE-2026-33845 |
高危 |
3.8.3-6.el9 |
3.8.10-4.el9_8 |
gnutls: GnuTLS: Denial of Service via DTLS zero-length fragment
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33845
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-04-30 18:16 修改: 2026-07-13 17:17
|
| gnutls |
CVE-2026-33846 |
高危 |
3.8.3-6.el9 |
3.8.10-4.el9_8 |
gnutls: GnuTLS: Denial of Service via heap buffer overflow in DTLS handshake fragment reassembly
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33846
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-05-04 10:15 修改: 2026-07-13 17:17
|
| gnutls |
CVE-2026-3832 |
高危 |
3.8.3-6.el9 |
3.8.10-4.el9_8 |
gnutls: gnutls: Security bypass allows acceptance of revoked server certificates via crafted OCSP response
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3832
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-04-30 18:16 修改: 2026-07-13 17:17
|
| gnutls |
CVE-2026-3833 |
高危 |
3.8.3-6.el9 |
3.8.10-4.el9_8 |
gnutls: GnuTLS: Policy bypass due to case-sensitive nameConstraints comparison
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-3833
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-04-30 18:16 修改: 2026-07-13 22:16
|
| gnutls |
CVE-2026-42009 |
高危 |
3.8.3-6.el9 |
3.8.10-4.el9_8 |
gnutls: gnutls: Denial of Service via DTLS packet reordering vulnerability
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42009
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-05-18 13:16 修改: 2026-07-14 12:17
|
| gnutls |
CVE-2026-42010 |
高危 |
3.8.3-6.el9 |
3.8.10-4.el9_8 |
gnutls: gnutls: Authentication Bypass via NUL Character in Username
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42010
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-05-07 12:16 修改: 2026-07-14 12:17
|
| gnutls |
CVE-2026-42011 |
高危 |
3.8.3-6.el9 |
3.8.10-4.el9_8 |
gnutls: gnutls: Security bypass due to incorrect name constraint handling
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42011
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-05-07 15:16 修改: 2026-07-13 17:17
|
| gnutls |
CVE-2026-42012 |
高危 |
3.8.3-6.el9 |
3.8.10-4.el9_8 |
gnutls: gnutls: Certificate validation bypass due to improper handling of URI and SRV SANs
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42012
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-05-26 22:16 修改: 2026-07-13 17:17
|
| gnutls |
CVE-2026-42013 |
高危 |
3.8.3-6.el9 |
3.8.10-4.el9_8 |
gnutls: gnutls: Certificate validation bypass due to oversized Subject Alternative Name
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42013
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-05-26 22:16 修改: 2026-07-13 17:17
|
| gnutls |
CVE-2026-42014 |
高危 |
3.8.3-6.el9 |
3.8.10-4.el9_8 |
gnutls: gnutls: Use-after-free in gnutls_pkcs11_token_set_pin
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42014
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-06-16 02:16 修改: 2026-07-13 21:16
|
| gnutls |
CVE-2026-42015 |
高危 |
3.8.3-6.el9 |
3.8.10-4.el9_8 |
gnutls: gnutls: Memory corruption due to off-by-one error in PKCS#12 bag handling
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42015
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-05-26 22:16 修改: 2026-07-13 17:17
|
| gnutls |
CVE-2026-5260 |
高危 |
3.8.3-6.el9 |
3.8.10-4.el9_8 |
gnutls: gnutls: Information disclosure via heap overread in RSA key exchange
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5260
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-05-26 22:16 修改: 2026-07-13 17:18
|
| gnutls |
CVE-2026-5419 |
高危 |
3.8.3-6.el9 |
3.8.10-4.el9_8 |
gnutls: gnutls: Information disclosure via timing side-channel in PKCS#7 padding removal
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5419
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-06-01 21:16 修改: 2026-07-13 22:16
|
| go-srpm-macros |
CVE-2025-61726 |
高危 |
3.6.0-10.el9_6 |
3.6.0-13.el9_7 |
golang: net/url: Memory exhaustion in query parameter parsing in net/url
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-61726
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2026-01-28 20:16 修改: 2026-07-10 12:16
|
| go-srpm-macros |
CVE-2026-25679 |
高危 |
3.6.0-10.el9_6 |
3.6.0-14.el9_7 |
net/url: Incorrect parsing of IPv6 host literals in net/url
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25679
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2026-03-06 22:16 修改: 2026-07-10 12:16
|
| jq |
CVE-2026-39979 |
高危 |
1.6-17.el9_6.2 |
1.6-19.el9_8.2 |
jq: out-of-bounds read in jv_parse_sized() on error formatting for non-NUL-terminated buffers
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-39979
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2026-04-13 23:16 修改: 2026-07-10 12:16
|
| jq |
CVE-2026-40164 |
高危 |
1.6-17.el9_6.2 |
1.6-19.el9_8.2 |
jq: jq: Denial of Service via crafted JSON object causing hash collisions
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40164
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2026-04-14 00:16 修改: 2026-07-10 12:16
|
| krb5-libs |
CVE-2026-40355 |
高危 |
1.21.1-6.el9 |
1.21.1-10.el9_8 |
krb5: MIT Kerberos 5: Denial of Service via NULL pointer dereference in NegoEx mechanism
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40355
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-04-28 06:16 修改: 2026-07-08 12:48
|
| krb5-libs |
CVE-2026-40356 |
高危 |
1.21.1-6.el9 |
1.21.1-10.el9_8 |
krb5: MIT Kerberos 5 (krb5): Denial of Service via integer underflow and out-of-bounds read
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-40356
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-04-28 07:16 修改: 2026-07-08 12:48
|
| libarchive |
CVE-2025-5914 |
高危 |
3.5.3-4.el9.0.1 |
3.5.3-6.el9_6 |
libarchive: Double free at archive_read_format_rar_seek_data() in archive_read_support_format_rar.c
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-5914
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2025-06-09 20:15 修改: 2026-06-30 11:16
|
| libarchive |
CVE-2026-4111 |
高危 |
3.5.3-4.el9.0.1 |
3.5.3-7.el9_7 |
libarchive: Infinite Loop Denial of Service in RAR5 Decompression via archive_read_data() in libarchive
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4111
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-03-13 19:55 修改: 2026-06-30 03:20
|
| libarchive |
CVE-2026-4424 |
高危 |
3.5.3-4.el9.0.1 |
3.5.3-9.el9_7 |
libarchive: libarchive: Information disclosure via heap out-of-bounds read in RAR archive processing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4424
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-03-19 15:16 修改: 2026-06-30 03:20
|
| libarchive |
CVE-2026-5121 |
高危 |
3.5.3-4.el9.0.1 |
3.5.3-9.el9_7 |
libarchive: libarchive: Arbitrary code execution via integer overflow in ISO9660 image processing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5121
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-03-30 08:16 修改: 2026-06-17 10:58
|
| libbrotli |
CVE-2025-6176 |
高危 |
1.0.9-7.el9_5 |
1.0.9-9.el9_7 |
Scrapy: python-scrapy: brotli: Python brotli decompression bomb DoS
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6176
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2025-10-31 00:15 修改: 2026-06-17 10:01
|
| libcap |
CVE-2026-4878 |
高危 |
2.48-9.el9_2 |
2.48-10.el9_7.1 |
libcap: libcap: Privilege escalation via TOCTOU race condition in cap_set_file()
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4878
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-04-09 16:16 修改: 2026-07-14 12:17
|
| libnghttp2 |
CVE-2026-27135 |
高危 |
1.43.0-6.el9 |
1.43.0-6.el9_7.1 |
nghttp2: nghttp2: Denial of Service via malformed HTTP/2 frames after session termination
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-27135
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-03-18 18:16 修改: 2026-06-30 03:17
|
| libxml2 |
CVE-2025-49794 |
高危 |
2.9.13-9.el9_6 |
2.9.13-10.el9_6 |
libxml: Heap use after free (UAF) leads to Denial of service (DoS)
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-49794
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2025-06-16 16:15 修改: 2026-06-29 21:16
|
| libxml2 |
CVE-2025-49796 |
高危 |
2.9.13-9.el9_6 |
2.9.13-10.el9_6 |
libxml: Type confusion leads to Denial of service (DoS)
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-49796
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2025-06-16 16:15 修改: 2026-06-29 21:16
|
| libxml2 |
CVE-2025-6021 |
高危 |
2.9.13-9.el9_6 |
2.9.13-10.el9_6 |
libxml2: Integer Overflow in xmlBuildQName() Leads to Stack Buffer Overflow in libxml2
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6021
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2025-06-12 13:15 修改: 2026-06-30 11:16
|
| libxml2 |
CVE-2025-7425 |
高危 |
2.9.13-9.el9_6 |
2.9.13-11.el9_6 |
libxslt: libxml2: Heap Use-After-Free in libxslt caused by atype corruption in xmlAttrPtr
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-7425
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2025-07-10 14:15 修改: 2026-06-29 21:16
|
| openssl |
CVE-2025-11187 |
高危 |
1:3.2.2-6.el9_5.1 |
1:3.5.1-7.el9_7 |
openssl: OpenSSL: Arbitrary code execution or denial of service through crafted PKCS#12 file
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-11187
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-01-27 16:16 修改: 2026-06-17 08:29
|
| openssl |
CVE-2025-15467 |
高危 |
1:3.2.2-6.el9_5.1 |
1:3.5.1-7.el9_7 |
openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15467
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-01-27 16:16 修改: 2026-06-30 03:16
|
| openssl |
CVE-2025-15468 |
高危 |
1:3.2.2-6.el9_5.1 |
1:3.5.1-7.el9_7 |
openssl: OpenSSL: Denial of Service via NULL pointer dereference in QUIC protocol handling
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15468
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-01-27 16:16 修改: 2026-06-17 08:37
|
| openssl |
CVE-2025-15469 |
高危 |
1:3.2.2-6.el9_5.1 |
1:3.5.1-7.el9_7 |
openssl: OpenSSL: Data integrity bypass in `openssl dgst` command due to silent truncation
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15469
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-01-27 16:16 修改: 2026-06-17 08:37
|
| openssl |
CVE-2025-66199 |
高危 |
1:3.2.2-6.el9_5.1 |
1:3.5.1-7.el9_7 |
openssl: OpenSSL: Denial of Service due to excessive memory allocation in TLS 1.3 certificate compression
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-66199
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-01-27 16:16 修改: 2026-06-17 09:56
|
| openssl |
CVE-2025-68160 |
高危 |
1:3.2.2-6.el9_5.1 |
1:3.5.1-7.el9_7 |
openssl: OpenSSL: Denial of Service due to out-of-bounds write in BIO filter
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68160
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-01-27 16:16 修改: 2026-06-17 09:58
|
| openssl |
CVE-2025-69418 |
高危 |
1:3.2.2-6.el9_5.1 |
1:3.5.1-7.el9_7 |
openssl: OpenSSL: Information disclosure and data tampering via specific low-level OCB encryption/decryption calls
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69418
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:00
|
| openssl |
CVE-2025-69419 |
高危 |
1:3.2.2-6.el9_5.1 |
1:3.5.1-7.el9_7 |
openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS#12 processing
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69419
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:00
|
| openssl |
CVE-2025-69420 |
高危 |
1:3.2.2-6.el9_5.1 |
1:3.5.1-7.el9_7 |
openssl: OpenSSL: Denial of Service via malformed TimeStamp Response
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69420
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:00
|
| openssl |
CVE-2025-69421 |
高危 |
1:3.2.2-6.el9_5.1 |
1:3.5.1-7.el9_7 |
openssl: OpenSSL: Denial of Service via malformed PKCS#12 file processing
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69421
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:00
|
| openssl |
CVE-2026-22795 |
高危 |
1:3.2.2-6.el9_5.1 |
1:3.5.1-7.el9_7 |
openssl: OpenSSL: Denial of Service due to type confusion in PKCS#12 file processing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22795
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:20
|
| openssl |
CVE-2026-22796 |
高危 |
1:3.2.2-6.el9_5.1 |
1:3.5.1-7.el9_7 |
openssl: OpenSSL: Denial of Service via type confusion in PKCS#7 signature verification
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22796
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:20
|
| openssl |
CVE-2026-34180 |
高危 |
1:3.2.2-6.el9_5.1 |
1:3.5.5-4.el9_8 |
openssl: OpenSSL: Heap buffer over-read in ASN.1 decoding can lead to denial of service or information disclosure.
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34180
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:38
|
| openssl |
CVE-2026-34181 |
高危 |
1:3.2.2-6.el9_5.1 |
1:3.5.5-4.el9_8 |
openssl: PKCS#12 Files with PBMAC1 Are Accepted with Short HMAC Keys
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34181
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:38
|
| openssl |
CVE-2026-34182 |
高危 |
1:3.2.2-6.el9_5.1 |
1:3.5.5-4.el9_8 |
openssl: CMS AuthEnvelopedData Processing May Accept Forged Messages
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34182
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:38
|
| openssl |
CVE-2026-34183 |
高危 |
1:3.2.2-6.el9_5.1 |
1:3.5.5-4.el9_8 |
openssl: Unbounded Memory Growth in the QUIC PATH_CHALLENGE Handler
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34183
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:38
|
| openssl |
CVE-2026-42764 |
高危 |
1:3.2.2-6.el9_5.1 |
1:3.5.5-4.el9_8 |
openssl: NULL pointer dereference in QUIC server initial packet handling
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42764
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48
|
| openssl |
CVE-2026-42766 |
高危 |
1:3.2.2-6.el9_5.1 |
1:3.5.5-4.el9_8 |
openssl: Possible NULL Dereference in Password-Based CMS Decryption
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42766
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48
|
| openssl |
CVE-2026-42767 |
高危 |
1:3.2.2-6.el9_5.1 |
1:3.5.5-4.el9_8 |
openssl: NULL Pointer Dereference in CRMF EncryptedValue Decryption
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42767
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48
|
| openssl |
CVE-2026-42768 |
高危 |
1:3.2.2-6.el9_5.1 |
1:3.5.5-4.el9_8 |
openssl: Multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt() and PKCS7_decrypt()
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42768
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48
|
| openssl |
CVE-2026-42769 |
高危 |
1:3.2.2-6.el9_5.1 |
1:3.5.5-4.el9_8 |
openssl: Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42769
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48
|
| openssl |
CVE-2026-42770 |
高危 |
1:3.2.2-6.el9_5.1 |
1:3.5.5-4.el9_8 |
openssl: FFC-DH Peer Validation Uses Attacker-Supplied q
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42770
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48
|
| openssl |
CVE-2026-45445 |
高危 |
1:3.2.2-6.el9_5.1 |
1:3.5.5-4.el9_8 |
openssl: AES-OCB IV Ignored on EVP_Cipher() Path
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45445
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:52
|
| openssl |
CVE-2026-45446 |
高危 |
1:3.2.2-6.el9_5.1 |
1:3.5.5-4.el9_8 |
openssl: Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45446
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:52
|
| openssl |
CVE-2026-45447 |
高危 |
1:3.2.2-6.el9_5.1 |
1:3.5.5-4.el9_8 |
openssl: Heap Use-After-Free in OpenSSL PKCS7_verify()
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45447
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-06-09 17:17 修改: 2026-07-14 12:17
|
| openssl |
CVE-2026-7383 |
高危 |
1:3.2.2-6.el9_5.1 |
1:3.5.5-4.el9_8 |
openssl: OpenSSL: Heap buffer overflow due to signed integer overflow in Unicode output sizing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7383
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-06-09 17:17 修改: 2026-06-17 11:02
|
| openssl |
CVE-2026-9076 |
高危 |
1:3.2.2-6.el9_5.1 |
1:3.5.5-4.el9_8 |
openssl: OpenSSL: Denial of Service due to heap out-of-bounds read in CMS password-based decryption
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9076
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-06-09 17:17 修改: 2026-06-17 11:04
|
| openssl-libs |
CVE-2025-11187 |
高危 |
1:3.2.2-6.el9_5.1 |
1:3.5.1-7.el9_7 |
openssl: OpenSSL: Arbitrary code execution or denial of service through crafted PKCS#12 file
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-11187
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-01-27 16:16 修改: 2026-06-17 08:29
|
| openssl-libs |
CVE-2025-15467 |
高危 |
1:3.2.2-6.el9_5.1 |
1:3.5.1-7.el9_7 |
openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15467
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-01-27 16:16 修改: 2026-06-30 03:16
|
| openssl-libs |
CVE-2025-15468 |
高危 |
1:3.2.2-6.el9_5.1 |
1:3.5.1-7.el9_7 |
openssl: OpenSSL: Denial of Service via NULL pointer dereference in QUIC protocol handling
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15468
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-01-27 16:16 修改: 2026-06-17 08:37
|
| openssl-libs |
CVE-2025-15469 |
高危 |
1:3.2.2-6.el9_5.1 |
1:3.5.1-7.el9_7 |
openssl: OpenSSL: Data integrity bypass in `openssl dgst` command due to silent truncation
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15469
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-01-27 16:16 修改: 2026-06-17 08:37
|
| openssl-libs |
CVE-2025-66199 |
高危 |
1:3.2.2-6.el9_5.1 |
1:3.5.1-7.el9_7 |
openssl: OpenSSL: Denial of Service due to excessive memory allocation in TLS 1.3 certificate compression
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-66199
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-01-27 16:16 修改: 2026-06-17 09:56
|
| openssl-libs |
CVE-2025-68160 |
高危 |
1:3.2.2-6.el9_5.1 |
1:3.5.1-7.el9_7 |
openssl: OpenSSL: Denial of Service due to out-of-bounds write in BIO filter
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-68160
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-01-27 16:16 修改: 2026-06-17 09:58
|
| openssl-libs |
CVE-2025-69418 |
高危 |
1:3.2.2-6.el9_5.1 |
1:3.5.1-7.el9_7 |
openssl: OpenSSL: Information disclosure and data tampering via specific low-level OCB encryption/decryption calls
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69418
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:00
|
| openssl-libs |
CVE-2025-69419 |
高危 |
1:3.2.2-6.el9_5.1 |
1:3.5.1-7.el9_7 |
openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS#12 processing
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69419
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:00
|
| openssl-libs |
CVE-2025-69420 |
高危 |
1:3.2.2-6.el9_5.1 |
1:3.5.1-7.el9_7 |
openssl: OpenSSL: Denial of Service via malformed TimeStamp Response
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69420
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:00
|
| openssl-libs |
CVE-2025-69421 |
高危 |
1:3.2.2-6.el9_5.1 |
1:3.5.1-7.el9_7 |
openssl: OpenSSL: Denial of Service via malformed PKCS#12 file processing
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-69421
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:00
|
| openssl-libs |
CVE-2026-22795 |
高危 |
1:3.2.2-6.el9_5.1 |
1:3.5.1-7.el9_7 |
openssl: OpenSSL: Denial of Service due to type confusion in PKCS#12 file processing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22795
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:20
|
| openssl-libs |
CVE-2026-22796 |
高危 |
1:3.2.2-6.el9_5.1 |
1:3.5.1-7.el9_7 |
openssl: OpenSSL: Denial of Service via type confusion in PKCS#7 signature verification
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-22796
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-01-27 16:16 修改: 2026-06-17 10:20
|
| openssl-libs |
CVE-2026-34180 |
高危 |
1:3.2.2-6.el9_5.1 |
1:3.5.5-4.el9_8 |
openssl: OpenSSL: Heap buffer over-read in ASN.1 decoding can lead to denial of service or information disclosure.
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34180
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:38
|
| openssl-libs |
CVE-2026-34181 |
高危 |
1:3.2.2-6.el9_5.1 |
1:3.5.5-4.el9_8 |
openssl: PKCS#12 Files with PBMAC1 Are Accepted with Short HMAC Keys
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34181
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:38
|
| openssl-libs |
CVE-2026-34182 |
高危 |
1:3.2.2-6.el9_5.1 |
1:3.5.5-4.el9_8 |
openssl: CMS AuthEnvelopedData Processing May Accept Forged Messages
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34182
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:38
|
| openssl-libs |
CVE-2026-34183 |
高危 |
1:3.2.2-6.el9_5.1 |
1:3.5.5-4.el9_8 |
openssl: Unbounded Memory Growth in the QUIC PATH_CHALLENGE Handler
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34183
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:38
|
| openssl-libs |
CVE-2026-42764 |
高危 |
1:3.2.2-6.el9_5.1 |
1:3.5.5-4.el9_8 |
openssl: NULL pointer dereference in QUIC server initial packet handling
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42764
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48
|
| openssl-libs |
CVE-2026-42766 |
高危 |
1:3.2.2-6.el9_5.1 |
1:3.5.5-4.el9_8 |
openssl: Possible NULL Dereference in Password-Based CMS Decryption
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42766
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48
|
| openssl-libs |
CVE-2026-42767 |
高危 |
1:3.2.2-6.el9_5.1 |
1:3.5.5-4.el9_8 |
openssl: NULL Pointer Dereference in CRMF EncryptedValue Decryption
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42767
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48
|
| openssl-libs |
CVE-2026-42768 |
高危 |
1:3.2.2-6.el9_5.1 |
1:3.5.5-4.el9_8 |
openssl: Multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt() and PKCS7_decrypt()
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42768
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48
|
| openssl-libs |
CVE-2026-42769 |
高危 |
1:3.2.2-6.el9_5.1 |
1:3.5.5-4.el9_8 |
openssl: Trust-Anchor Substitution via cert/issuer Typo in CMP rootCaKeyUpdate
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42769
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48
|
| openssl-libs |
CVE-2026-42770 |
高危 |
1:3.2.2-6.el9_5.1 |
1:3.5.5-4.el9_8 |
openssl: FFC-DH Peer Validation Uses Attacker-Supplied q
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42770
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:48
|
| openssl-libs |
CVE-2026-45445 |
高危 |
1:3.2.2-6.el9_5.1 |
1:3.5.5-4.el9_8 |
openssl: AES-OCB IV Ignored on EVP_Cipher() Path
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45445
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:52
|
| openssl-libs |
CVE-2026-45446 |
高危 |
1:3.2.2-6.el9_5.1 |
1:3.5.5-4.el9_8 |
openssl: Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45446
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-06-09 17:17 修改: 2026-06-17 10:52
|
| openssl-libs |
CVE-2026-45447 |
高危 |
1:3.2.2-6.el9_5.1 |
1:3.5.5-4.el9_8 |
openssl: Heap Use-After-Free in OpenSSL PKCS7_verify()
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-45447
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-06-09 17:17 修改: 2026-07-14 12:17
|
| openssl-libs |
CVE-2026-7383 |
高危 |
1:3.2.2-6.el9_5.1 |
1:3.5.5-4.el9_8 |
openssl: OpenSSL: Heap buffer overflow due to signed integer overflow in Unicode output sizing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-7383
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-06-09 17:17 修改: 2026-06-17 11:02
|
| openssl-libs |
CVE-2026-9076 |
高危 |
1:3.2.2-6.el9_5.1 |
1:3.5.5-4.el9_8 |
openssl: OpenSSL: Denial of Service due to heap out-of-bounds read in CMS password-based decryption
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-9076
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-06-09 17:17 修改: 2026-06-17 11:04
|
| pam |
CVE-2025-6020 |
高危 |
1.5.1-23.el9 |
1.5.1-26.el9_6 |
linux-pam: Linux-pam directory Traversal
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6020
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2025-06-17 13:15 修改: 2026-06-30 11:16
|
| pam |
CVE-2025-8941 |
高危 |
1.5.1-23.el9 |
1.5.1-26.el9_6 |
linux-pam: Incomplete fix for CVE-2025-6020
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8941
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2025-08-13 15:15 修改: 2026-06-17 10:07
|
| perl-Archive-Tar |
CVE-2026-42496 |
高危 |
2.38-6.el9 |
2.38-6.el9_8.1 |
perl-archive-tar: perl-archive-tar: Path traversal via crafted symlinks allows arbitrary file access
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-42496
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2026-05-26 02:16 修改: 2026-06-30 03:19
|
| perl-IO-Compress |
CVE-2026-48962 |
高危 |
2.102-4.el9 |
2.102-4.el9_8.1 |
perl-IO-Compress: perl-IO-Compress: Arbitrary code execution via attacker-controlled output glob
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-48962
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2026-05-27 04:16 修改: 2026-06-30 03:20
|
| python3 |
CVE-2026-4519 |
高危 |
3.9.21-2.el9_6.2 |
3.9.25-7.el9_8 |
python: Python: Command-line option injection in webbrowser.open() via crafted URLs
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4519
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2026-03-20 15:16 修改: 2026-06-30 03:20
|
| python3 |
CVE-2026-4786 |
高危 |
3.9.21-2.el9_6.2 |
3.9.25-7.el9_8 |
python: cpython: Python: Arbitrary code execution via command injection in webbrowser.open() API
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4786
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2026-04-13 22:16 修改: 2026-07-06 13:17
|
| python3 |
CVE-2026-6100 |
高危 |
3.9.21-2.el9_6.2 |
3.9.25-7.el9_8 |
python: Python: Arbitrary code execution or information disclosure via use-after-free in decompression modules
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6100
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2026-04-13 18:16 修改: 2026-06-30 03:21
|
| python3-libs |
CVE-2026-4519 |
高危 |
3.9.21-2.el9_6.2 |
3.9.25-7.el9_8 |
python: Python: Command-line option injection in webbrowser.open() via crafted URLs
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4519
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2026-03-20 15:16 修改: 2026-06-30 03:20
|
| python3-libs |
CVE-2026-4786 |
高危 |
3.9.21-2.el9_6.2 |
3.9.25-7.el9_8 |
python: cpython: Python: Arbitrary code execution via command injection in webbrowser.open() API
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4786
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2026-04-13 22:16 修改: 2026-07-06 13:17
|
| python3-libs |
CVE-2026-6100 |
高危 |
3.9.21-2.el9_6.2 |
3.9.25-7.el9_8 |
python: Python: Arbitrary code execution or information disclosure via use-after-free in decompression modules
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-6100
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2026-04-13 18:16 修改: 2026-06-30 03:21
|
| sqlite-libs |
CVE-2025-6965 |
高危 |
3.34.1-7.el9_3 |
3.34.1-9.el9_7 |
sqlite: Integer Truncation in SQLite
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6965
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2025-07-15 14:15 修改: 2026-06-26 16:36
|
| vim-filesystem |
CVE-2026-28417 |
高危 |
2:8.2.2637-22.el9_6 |
2:8.2.2637-23.el9_7.2 |
vim: Vim: Arbitrary code execution via OS command injection in the netrw plugin
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28417
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2026-02-27 22:16 修改: 2026-06-17 10:28
|
| vim-filesystem |
CVE-2026-28421 |
高危 |
2:8.2.2637-22.el9_6 |
2:8.2.2637-23.el9_7.2 |
vim: Vim: Denial of service and information disclosure via crafted swap file
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28421
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2026-02-27 22:16 修改: 2026-06-17 10:28
|
| vim-filesystem |
CVE-2026-33412 |
高危 |
2:8.2.2637-22.el9_6 |
2:8.2.2637-23.el9_7.2 |
vim: Vim: Arbitrary code execution via command injection in glob() function
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-33412
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2026-03-24 20:16 修改: 2026-06-30 03:18
|
| vim-filesystem |
CVE-2026-34982 |
高危 |
2:8.2.2637-22.el9_6 |
2:8.2.2637-26.el9_8.4 |
vim: arbitrary command execution via modeline sandbox bypass
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-34982
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2026-04-06 16:16 修改: 2026-07-07 12:16
|
| libssh-config |
CVE-2025-8114 |
中危 |
0.10.4-13.el9 |
0.10.4-18.el9 |
libssh: NULL Pointer Dereference in libssh KEX Session ID Calculation
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8114
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2025-07-24 15:15 修改: 2026-06-30 02:16
|
| libssh-config |
CVE-2025-8277 |
中危 |
0.10.4-13.el9 |
0.10.4-18.el9 |
libssh: Memory Exhaustion via Repeated Key Exchange in libssh
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8277
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2025-09-09 12:15 修改: 2026-06-30 09:16
|
| libssh-config |
CVE-2026-0964 |
中危 |
0.10.4-13.el9 |
0.10.4-18.el9 |
libssh: Improper sanitation of paths received from SCP servers
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0964
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-03-26 21:17 修改: 2026-06-17 10:11
|
| libssh-config |
CVE-2026-0965 |
中危 |
0.10.4-13.el9 |
0.10.4-18.el9 |
libssh: libssh: Denial of Service via improper configuration file handling
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0965
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-03-26 21:17 修改: 2026-06-17 10:11
|
| libssh-config |
CVE-2026-0966 |
中危 |
0.10.4-13.el9 |
0.10.4-18.el9 |
libssh: libssh: Denial of Service via zero-length input in ssh_get_hexa()
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0966
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-03-26 21:17 修改: 2026-06-17 10:11
|
| libssh-config |
CVE-2026-0967 |
中危 |
0.10.4-13.el9 |
0.10.4-18.el9 |
libssh: libssh: Denial of Service via inefficient regular expression processing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0967
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-03-26 21:17 修改: 2026-06-17 10:11
|
| libssh-config |
CVE-2026-0968 |
中危 |
0.10.4-13.el9 |
0.10.4-18.el9 |
libssh: libssh: Denial of Service due to malformed SFTP message
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0968
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-03-26 21:17 修改: 2026-06-17 10:11
|
| glibc-gconv-extra |
CVE-2026-4437 |
中危 |
2.34-168.el9_6.23 |
2.34-270.el9_8 |
glibc: glibc: Incorrect DNS response parsing via crafted DNS server response
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4437
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2026-03-20 20:16 修改: 2026-06-17 10:56
|
| glibc-gconv-extra |
CVE-2026-4438 |
中危 |
2.34-168.el9_6.23 |
2.34-270.el9_8 |
glibc: glibc: Invalid DNS hostname returned via gethostbyaddr functions
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4438
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2026-03-20 20:16 修改: 2026-06-17 10:56
|
| glibc-gconv-extra |
CVE-2026-5450 |
中危 |
2.34-168.el9_6.23 |
2.34-272.el9_8 |
glibc: glibc: Heap Buffer Overflow in `scanf` with `%mc` format specifier and large width
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5450
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2026-04-20 21:16 修改: 2026-06-17 10:59
|
| glibc-langpack-en |
CVE-2025-15281 |
中危 |
2.34-168.el9_6.23 |
2.34-231.el9_7.10 |
glibc: wordexp with WRDE_REUSE and WRDE_APPEND may return uninitialized memory
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15281
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2026-01-20 14:16 修改: 2026-06-17 08:37
|
| libxml2 |
CVE-2025-32414 |
中危 |
2.9.13-9.el9_6 |
2.9.13-12.el9_6 |
libxml2: Out-of-Bounds Read in libxml2
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-32414
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2025-04-08 03:15 修改: 2026-06-17 09:11
|
| libxml2 |
CVE-2025-32415 |
中危 |
2.9.13-9.el9_6 |
2.9.13-12.el9_6 |
libxml2: Out-of-bounds Read in xmlSchemaIDCFillNodeTables
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-32415
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2025-04-17 17:15 修改: 2026-06-17 09:11
|
| libxml2 |
CVE-2025-9714 |
中危 |
2.9.13-9.el9_6 |
2.9.13-14.el9_7 |
libxslt: libxml2: Inifinite recursion at exsltDynMapFunction function in libexslt/dynamic.c
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9714
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2025-09-10 19:15 修改: 2026-06-17 10:09
|
| glibc-langpack-en |
CVE-2026-0861 |
中危 |
2.34-168.el9_6.23 |
2.34-231.el9_7.10 |
glibc: Integer overflow in memalign leads to heap corruption
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0861
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2026-01-14 21:15 修改: 2026-06-17 10:11
|
| glibc-langpack-en |
CVE-2026-0915 |
中危 |
2.34-168.el9_6.23 |
2.34-231.el9_7.10 |
glibc: glibc: Information disclosure via zero-valued network query
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0915
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2026-01-15 22:16 修改: 2026-06-17 10:11
|
| glibc-langpack-en |
CVE-2026-4046 |
中危 |
2.34-168.el9_6.23 |
2.34-270.el9_8 |
glibc: glibc: Denial of Service via iconv() function with specific character sets
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4046
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2026-03-30 18:16 修改: 2026-06-17 10:55
|
| glibc-langpack-en |
CVE-2026-4437 |
中危 |
2.34-168.el9_6.23 |
2.34-270.el9_8 |
glibc: glibc: Incorrect DNS response parsing via crafted DNS server response
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4437
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2026-03-20 20:16 修改: 2026-06-17 10:56
|
| glibc-langpack-en |
CVE-2026-4438 |
中危 |
2.34-168.el9_6.23 |
2.34-270.el9_8 |
glibc: glibc: Invalid DNS hostname returned via gethostbyaddr functions
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4438
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2026-03-20 20:16 修改: 2026-06-17 10:56
|
| glibc-langpack-en |
CVE-2026-5450 |
中危 |
2.34-168.el9_6.23 |
2.34-272.el9_8 |
glibc: glibc: Heap Buffer Overflow in `scanf` with `%mc` format specifier and large width
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5450
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2026-04-20 21:16 修改: 2026-06-17 10:59
|
| glibc-minimal-langpack |
CVE-2025-15281 |
中危 |
2.34-168.el9_6.23 |
2.34-231.el9_7.10 |
glibc: wordexp with WRDE_REUSE and WRDE_APPEND may return uninitialized memory
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15281
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2026-01-20 14:16 修改: 2026-06-17 08:37
|
| glibc-minimal-langpack |
CVE-2026-0861 |
中危 |
2.34-168.el9_6.23 |
2.34-231.el9_7.10 |
glibc: Integer overflow in memalign leads to heap corruption
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0861
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2026-01-14 21:15 修改: 2026-06-17 10:11
|
| glibc-minimal-langpack |
CVE-2026-0915 |
中危 |
2.34-168.el9_6.23 |
2.34-231.el9_7.10 |
glibc: glibc: Information disclosure via zero-valued network query
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0915
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2026-01-15 22:16 修改: 2026-06-17 10:11
|
| glibc-minimal-langpack |
CVE-2026-4046 |
中危 |
2.34-168.el9_6.23 |
2.34-270.el9_8 |
glibc: glibc: Denial of Service via iconv() function with specific character sets
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4046
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2026-03-30 18:16 修改: 2026-06-17 10:55
|
| glibc-minimal-langpack |
CVE-2026-4437 |
中危 |
2.34-168.el9_6.23 |
2.34-270.el9_8 |
glibc: glibc: Incorrect DNS response parsing via crafted DNS server response
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4437
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2026-03-20 20:16 修改: 2026-06-17 10:56
|
| glibc-minimal-langpack |
CVE-2026-4438 |
中危 |
2.34-168.el9_6.23 |
2.34-270.el9_8 |
glibc: glibc: Invalid DNS hostname returned via gethostbyaddr functions
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4438
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2026-03-20 20:16 修改: 2026-06-17 10:56
|
| glibc-minimal-langpack |
CVE-2026-5450 |
中危 |
2.34-168.el9_6.23 |
2.34-272.el9_8 |
glibc: glibc: Heap Buffer Overflow in `scanf` with `%mc` format specifier and large width
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5450
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2026-04-20 21:16 修改: 2026-06-17 10:59
|
| coreutils-single |
CVE-2025-5278 |
中危 |
8.32-39.el9 |
8.32-41.el9_8 |
coreutils: Heap Buffer Under-Read in GNU Coreutils sort via Key Specification
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-5278
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2025-05-27 21:15 修改: 2026-07-01 11:16
|
| curl |
CVE-2025-9086 |
中危 |
7.76.1-31.el9_6.1 |
7.76.1-35.el9_7.3 |
curl: libcurl: Curl out of bounds read for cookie path
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9086
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2025-09-12 06:15 修改: 2026-06-17 10:08
|
| binutils |
CVE-2025-11083 |
中危 |
2.35.2-63.el9 |
2.35.2-67.el9_7.1 |
binutils: GNU Binutils Linker heap-based overflow
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-11083
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2025-09-27 23:15 修改: 2026-06-17 08:29
|
| binutils-gold |
CVE-2025-11083 |
中危 |
2.35.2-63.el9 |
2.35.2-67.el9_7.1 |
binutils: GNU Binutils Linker heap-based overflow
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-11083
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2025-09-27 23:15 修改: 2026-06-17 08:29
|
| glib2 |
CVE-2024-52533 |
中危 |
2.68.4-16.el9 |
2.68.4-16.el9_6.2 |
glib: buffer overflow in set_connect_msg()
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-52533
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2024-11-11 23:15 修改: 2026-06-17 08:07
|
| glib2 |
CVE-2025-13601 |
中危 |
2.68.4-16.el9 |
2.68.4-18.el9_7.1 |
glib: Integer overflow in in g_escape_uri_string()
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13601
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2025-11-26 15:15 修改: 2026-06-30 00:16
|
| glib2 |
CVE-2025-14087 |
中危 |
2.68.4-16.el9 |
2.68.4-19.el9_8.1 |
glib: GLib: Buffer underflow in GVariant parser leads to heap corruption
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14087
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2025-12-10 09:15 修改: 2026-07-13 22:16
|
| glib2 |
CVE-2025-14512 |
中危 |
2.68.4-16.el9 |
2.68.4-19.el9_8.1 |
glib: Integer Overflow in GLib GIO Attribute Escaping Causes Heap Buffer Overflow
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14512
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2025-12-11 07:16 修改: 2026-07-13 17:16
|
| glib2 |
CVE-2025-4373 |
中危 |
2.68.4-16.el9 |
2.68.4-16.el9_6.2 |
glib: Buffer Underflow on GLib through glib/gstring.c via function g_string_insert_unichar
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4373
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2025-05-06 15:16 修改: 2026-06-30 11:16
|
| glibc |
CVE-2025-15281 |
中危 |
2.34-168.el9_6.23 |
2.34-231.el9_7.10 |
glibc: wordexp with WRDE_REUSE and WRDE_APPEND may return uninitialized memory
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15281
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2026-01-20 14:16 修改: 2026-06-17 08:37
|
| glibc |
CVE-2026-0861 |
中危 |
2.34-168.el9_6.23 |
2.34-231.el9_7.10 |
glibc: Integer overflow in memalign leads to heap corruption
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0861
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2026-01-14 21:15 修改: 2026-06-17 10:11
|
| glibc |
CVE-2026-0915 |
中危 |
2.34-168.el9_6.23 |
2.34-231.el9_7.10 |
glibc: glibc: Information disclosure via zero-valued network query
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0915
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2026-01-15 22:16 修改: 2026-06-17 10:11
|
| glibc |
CVE-2026-4046 |
中危 |
2.34-168.el9_6.23 |
2.34-270.el9_8 |
glibc: glibc: Denial of Service via iconv() function with specific character sets
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4046
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2026-03-30 18:16 修改: 2026-06-17 10:55
|
| glibc |
CVE-2026-4437 |
中危 |
2.34-168.el9_6.23 |
2.34-270.el9_8 |
glibc: glibc: Incorrect DNS response parsing via crafted DNS server response
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4437
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2026-03-20 20:16 修改: 2026-06-17 10:56
|
| openssl |
CVE-2025-9230 |
中危 |
1:3.2.2-6.el9_5.1 |
1:3.5.1-4.el9_7 |
openssl: Out-of-bounds read & write in RFC 3211 KEK Unwrap
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9230
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2025-09-30 14:15 修改: 2026-06-17 10:08
|
| openssl |
CVE-2026-28390 |
中危 |
1:3.2.2-6.el9_5.1 |
1:3.5.5-3.el9_8 |
openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28390
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28
|
| openssl |
CVE-2026-31790 |
中危 |
1:3.2.2-6.el9_5.1 |
1:3.5.5-2.el9_8 |
openssl: openssl: Information Disclosure from Uninitialized Memory via Invalid RSA Public Key
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31790
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:34
|
| gnutls |
CVE-2025-14831 |
中危 |
3.8.3-6.el9 |
3.8.3-10.el9_7 |
gnutls: GnuTLS: Denial of Service via excessive resource consumption during certificate verification
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-14831
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-02-09 15:16 修改: 2026-06-30 00:16
|
| gnutls |
CVE-2025-32988 |
中危 |
3.8.3-6.el9 |
3.8.3-6.el9_6.2 |
gnutls: Vulnerability in GnuTLS otherName SAN export
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-32988
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2025-07-10 08:15 修改: 2026-06-30 01:16
|
| gnutls |
CVE-2025-32989 |
中危 |
3.8.3-6.el9 |
3.8.3-6.el9_6.2 |
gnutls: Vulnerability in GnuTLS SCT extension parsing
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-32989
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2025-07-10 08:15 修改: 2026-06-30 01:16
|
| gnutls |
CVE-2025-32990 |
中危 |
3.8.3-6.el9 |
3.8.3-6.el9_6.2 |
gnutls: Vulnerability in GnuTLS certtool template parsing
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-32990
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2025-07-10 10:15 修改: 2026-06-30 01:16
|
| gnutls |
CVE-2025-6395 |
中危 |
3.8.3-6.el9 |
3.8.3-6.el9_6.2 |
gnutls: NULL pointer dereference in _gnutls_figure_common_ciphersuite()
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6395
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2025-07-10 16:15 修改: 2026-06-30 02:16
|
| gnutls |
CVE-2025-9820 |
中危 |
3.8.3-6.el9 |
3.8.3-10.el9_7 |
gnutls: Stack-based Buffer Overflow in gnutls_pkcs11_token_init() Function
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9820
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-01-26 20:16 修改: 2026-06-30 09:16
|
| glibc |
CVE-2026-4438 |
中危 |
2.34-168.el9_6.23 |
2.34-270.el9_8 |
glibc: glibc: Invalid DNS hostname returned via gethostbyaddr functions
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4438
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2026-03-20 20:16 修改: 2026-06-17 10:56
|
| glibc |
CVE-2026-5450 |
中危 |
2.34-168.el9_6.23 |
2.34-272.el9_8 |
glibc: glibc: Heap Buffer Overflow in `scanf` with `%mc` format specifier and large width
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5450
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2026-04-20 21:16 修改: 2026-06-17 10:59
|
| go-srpm-macros |
CVE-2025-47906 |
中危 |
3.6.0-10.el9_6 |
3.6.0-12.el9_7 |
os/exec: Unexpected paths returned from LookPath in os/exec
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-47906
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2025-09-18 19:15 修改: 2026-06-17 09:28
|
| glibc-common |
CVE-2025-15281 |
中危 |
2.34-168.el9_6.23 |
2.34-231.el9_7.10 |
glibc: wordexp with WRDE_REUSE and WRDE_APPEND may return uninitialized memory
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15281
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2026-01-20 14:16 修改: 2026-06-17 08:37
|
| glibc-common |
CVE-2026-0861 |
中危 |
2.34-168.el9_6.23 |
2.34-231.el9_7.10 |
glibc: Integer overflow in memalign leads to heap corruption
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0861
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2026-01-14 21:15 修改: 2026-06-17 10:11
|
| glibc-common |
CVE-2026-0915 |
中危 |
2.34-168.el9_6.23 |
2.34-231.el9_7.10 |
glibc: glibc: Information disclosure via zero-valued network query
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0915
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2026-01-15 22:16 修改: 2026-06-17 10:11
|
| glibc-common |
CVE-2026-4046 |
中危 |
2.34-168.el9_6.23 |
2.34-270.el9_8 |
glibc: glibc: Denial of Service via iconv() function with specific character sets
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4046
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2026-03-30 18:16 修改: 2026-06-17 10:55
|
| krb5-libs |
CVE-2023-36054 |
中危 |
1.21.1-6.el9 |
1.21.1-10.el9_8 |
krb5: Denial of service through freeing uninitialized pointer
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-36054
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2023-08-07 19:15 修改: 2026-06-17 06:05
|
| krb5-libs |
CVE-2023-39975 |
中危 |
1.21.1-6.el9 |
1.21.1-10.el9_8 |
krb5: double-free in KDC TGS processing
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-39975
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2023-08-16 15:15 修改: 2026-06-17 06:13
|
| krb5-libs |
CVE-2025-3576 |
中危 |
1.21.1-6.el9 |
1.21.1-8.el9_6 |
krb5: Kerberos RC4-HMAC-MD5 Checksum Vulnerability Enabling Message Spoofing via MD5 Collisions
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-3576
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2025-04-15 06:15 修改: 2026-06-30 01:16
|
| glibc-common |
CVE-2026-4437 |
中危 |
2.34-168.el9_6.23 |
2.34-270.el9_8 |
glibc: glibc: Incorrect DNS response parsing via crafted DNS server response
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4437
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2026-03-20 20:16 修改: 2026-06-17 10:56
|
| glibc-common |
CVE-2026-4438 |
中危 |
2.34-168.el9_6.23 |
2.34-270.el9_8 |
glibc: glibc: Invalid DNS hostname returned via gethostbyaddr functions
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4438
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2026-03-20 20:16 修改: 2026-06-17 10:56
|
| glibc-common |
CVE-2026-5450 |
中危 |
2.34-168.el9_6.23 |
2.34-272.el9_8 |
glibc: glibc: Heap Buffer Overflow in `scanf` with `%mc` format specifier and large width
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-5450
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2026-04-20 21:16 修改: 2026-06-17 10:59
|
| glibc-gconv-extra |
CVE-2025-15281 |
中危 |
2.34-168.el9_6.23 |
2.34-231.el9_7.10 |
glibc: wordexp with WRDE_REUSE and WRDE_APPEND may return uninitialized memory
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15281
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2026-01-20 14:16 修改: 2026-06-17 08:37
|
| libarchive |
CVE-2025-25724 |
中危 |
3.5.3-4.el9.0.1 |
3.5.3-5.el9_6 |
libarchive: Buffer Overflow vulnerability in libarchive
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-25724
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2025-03-02 02:15 修改: 2026-06-17 09:01
|
| glibc-gconv-extra |
CVE-2026-0861 |
中危 |
2.34-168.el9_6.23 |
2.34-231.el9_7.10 |
glibc: Integer overflow in memalign leads to heap corruption
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0861
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2026-01-14 21:15 修改: 2026-06-17 10:11
|
| glibc-gconv-extra |
CVE-2026-0915 |
中危 |
2.34-168.el9_6.23 |
2.34-231.el9_7.10 |
glibc: glibc: Information disclosure via zero-valued network query
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0915
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2026-01-15 22:16 修改: 2026-06-17 10:11
|
| libcurl |
CVE-2025-9086 |
中危 |
7.76.1-31.el9_6.1 |
7.76.1-35.el9_7.3 |
curl: libcurl: Curl out of bounds read for cookie path
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9086
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2025-09-12 06:15 修改: 2026-06-17 10:08
|
| glibc-gconv-extra |
CVE-2026-4046 |
中危 |
2.34-168.el9_6.23 |
2.34-270.el9_8 |
glibc: glibc: Denial of Service via iconv() function with specific character sets
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-4046
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2026-03-30 18:16 修改: 2026-06-17 10:55
|
| libssh |
CVE-2025-4877 |
中危 |
0.10.4-13.el9 |
0.10.4-18.el9 |
libssh: Write beyond bounds in binary to base64 conversion functions
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4877
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2025-08-20 13:15 修改: 2026-06-30 11:16
|
| libssh |
CVE-2025-4878 |
中危 |
0.10.4-13.el9 |
0.10.4-18.el9 |
libssh: Use of uninitialized variable in privatekey_from_file()
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4878
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2025-07-22 15:15 修改: 2026-06-30 11:16
|
| openssl-libs |
CVE-2025-9230 |
中危 |
1:3.2.2-6.el9_5.1 |
1:3.5.1-4.el9_7 |
openssl: Out-of-bounds read & write in RFC 3211 KEK Unwrap
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-9230
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2025-09-30 14:15 修改: 2026-06-17 10:08
|
| openssl-libs |
CVE-2026-28390 |
中危 |
1:3.2.2-6.el9_5.1 |
1:3.5.5-3.el9_8 |
openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-28390
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:28
|
| openssl-libs |
CVE-2026-31790 |
中危 |
1:3.2.2-6.el9_5.1 |
1:3.5.5-2.el9_8 |
openssl: openssl: Information Disclosure from Uninitialized Memory via Invalid RSA Public Key
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-31790
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-04-07 22:16 修改: 2026-06-17 10:34
|
| p11-kit |
CVE-2026-2100 |
中危 |
0.25.3-3.el9_5 |
0.26.2-1.el9 |
p11-kit: NULL dereference via C_DeriveKey with specific NULL parameters
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2100
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-03-26 21:17 修改: 2026-07-13 17:17
|
| p11-kit-trust |
CVE-2026-2100 |
中危 |
0.25.3-3.el9_5 |
0.26.2-1.el9 |
p11-kit: NULL dereference via C_DeriveKey with specific NULL parameters
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-2100
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-03-26 21:17 修改: 2026-07-13 17:17
|
| libssh |
CVE-2025-5318 |
中危 |
0.10.4-13.el9 |
0.10.4-15.el9_6 |
libssh: out-of-bounds read in sftp_handle()
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-5318
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2025-06-24 14:15 修改: 2026-06-30 11:16
|
| libssh |
CVE-2025-5351 |
中危 |
0.10.4-13.el9 |
0.10.4-18.el9 |
libssh: Double Free Vulnerability in libssh Key Export Functions
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-5351
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2025-07-04 09:15 修改: 2026-06-30 11:16
|
| perf |
CVE-2023-53331 |
中危 |
5.14.0-570.49.1.el9_6 |
5.14.0-570.58.1.el9_6 |
kernel: pstore/ram: Check start of empty przs during init
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-53331
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2025-09-16 17:15 修改: 2026-06-17 06:44
|
| perf |
CVE-2023-53373 |
中危 |
5.14.0-570.49.1.el9_6 |
5.14.0-570.52.1.el9_6 |
kernel: crypto: seqiv - Handle EBUSY correctly
漏洞详情: https://avd.aquasec.com/nvd/cve-2023-53373
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2025-09-18 14:15 修改: 2026-06-17 06:45
|
| perf |
CVE-2025-38556 |
中危 |
5.14.0-570.49.1.el9_6 |
5.14.0-570.52.1.el9_6 |
kernel: HID: core: Harden s32ton() against conversion to 0 bits
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-38556
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2025-08-19 17:15 修改: 2026-06-17 09:17
|
| perf |
CVE-2025-38614 |
中危 |
5.14.0-570.49.1.el9_6 |
5.14.0-570.52.1.el9_6 |
kernel: eventpoll: Fix semi-unbounded recursion
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-38614
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2025-08-19 17:15 修改: 2026-06-17 09:17
|
| perf |
CVE-2025-39718 |
中危 |
5.14.0-570.49.1.el9_6 |
5.14.0-570.58.1.el9_6 |
kernel: vsock/virtio: Validate length in packet header before skb_put()
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-39718
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2025-09-05 18:15 修改: 2026-06-17 09:18
|
| perf |
CVE-2025-39730 |
中危 |
5.14.0-570.49.1.el9_6 |
5.14.0-570.58.1.el9_6 |
kernel: NFS: Fix filehandle bounds checking in nfs_fh_to_dentry()
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-39730
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2025-09-07 16:15 修改: 2026-06-17 09:18
|
| perf |
CVE-2025-39757 |
中危 |
5.14.0-570.49.1.el9_6 |
5.14.0-570.52.1.el9_6 |
kernel: ALSA: usb-audio: Validate UAC3 cluster segment descriptors
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-39757
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2025-09-11 17:15 修改: 2026-06-17 09:18
|
| perf |
CVE-2025-39819 |
中危 |
5.14.0-570.49.1.el9_6 |
5.14.0-570.58.1.el9_6 |
kernel: Linux kernel: Denial of Service via resource leak in SMB2 compound operations
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-39819
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2025-09-16 13:15 修改: 2026-06-17 09:18
|
| libssh |
CVE-2025-5987 |
中危 |
0.10.4-13.el9 |
0.10.4-17.el9_7 |
libssh: Invalid return code for chacha20 poly1305 with OpenSSL backend
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-5987
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2025-07-07 15:15 修改: 2026-06-30 11:16
|
| libssh |
CVE-2025-8114 |
中危 |
0.10.4-13.el9 |
0.10.4-18.el9 |
libssh: NULL Pointer Dereference in libssh KEX Session ID Calculation
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8114
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2025-07-24 15:15 修改: 2026-06-30 02:16
|
| libssh |
CVE-2025-8277 |
中危 |
0.10.4-13.el9 |
0.10.4-18.el9 |
libssh: Memory Exhaustion via Repeated Key Exchange in libssh
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8277
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2025-09-09 12:15 修改: 2026-06-30 09:16
|
| libssh |
CVE-2026-0964 |
中危 |
0.10.4-13.el9 |
0.10.4-18.el9 |
libssh: Improper sanitation of paths received from SCP servers
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0964
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-03-26 21:17 修改: 2026-06-17 10:11
|
| libssh |
CVE-2026-0965 |
中危 |
0.10.4-13.el9 |
0.10.4-18.el9 |
libssh: libssh: Denial of Service via improper configuration file handling
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0965
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-03-26 21:17 修改: 2026-06-17 10:11
|
| python3 |
CVE-2024-5642 |
中危 |
3.9.21-2.el9_6.2 |
3.9.25-2.el9_7 |
python: Invalid value for OpenSSL API may cause Buffer over-read when NPN is used
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-5642
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2024-06-27 21:15 修改: 2026-06-17 08:16
|
| python3 |
CVE-2025-12084 |
中危 |
3.9.21-2.el9_6.2 |
3.9.25-3.el9_7 |
cpython: python: cpython: Quadratic algorithm in xml.dom.minidom leads to denial of service
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-12084
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2025-12-03 19:15 修改: 2026-06-17 08:31
|
| python3 |
CVE-2025-15366 |
中危 |
3.9.21-2.el9_6.2 |
3.9.25-3.el9_7.1 |
cpython: IMAP command injection in user-controlled commands
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15366
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2026-01-20 22:15 修改: 2026-07-09 18:16
|
| python3 |
CVE-2025-15367 |
中危 |
3.9.21-2.el9_6.2 |
3.9.25-3.el9_7.1 |
cpython: POP3 command injection in user-controlled commands
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15367
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2026-01-20 22:15 修改: 2026-06-17 08:37
|
| python3 |
CVE-2025-6069 |
中危 |
3.9.21-2.el9_6.2 |
3.9.25-2.el9_7 |
cpython: Python HTMLParser quadratic complexity
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6069
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2025-06-17 14:15 修改: 2026-06-17 10:01
|
| python3 |
CVE-2025-6075 |
中危 |
3.9.21-2.el9_6.2 |
3.9.25-2.el9_7 |
python: Quadratic complexity in os.path.expandvars() with user-controlled template
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6075
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2025-10-31 17:15 修改: 2026-06-17 10:01
|
| python3 |
CVE-2025-8291 |
中危 |
3.9.21-2.el9_6.2 |
3.9.25-2.el9_7 |
cpython: python: Python zipfile End of Central Directory (EOCD) Locator record offset not checked
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8291
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2025-10-07 18:16 修改: 2026-06-17 10:06
|
| python3 |
CVE-2026-0865 |
中危 |
3.9.21-2.el9_6.2 |
3.9.25-3.el9_7.1 |
cpython: wsgiref.headers.Headers allows header newline injection in Python
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0865
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2026-01-20 22:15 修改: 2026-06-17 10:11
|
| python3 |
CVE-2026-1299 |
中危 |
3.9.21-2.el9_6.2 |
3.9.25-3.el9_7.1 |
cpython: email header injection due to unquoted newlines
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1299
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2026-01-23 17:16 修改: 2026-06-17 10:15
|
| libssh |
CVE-2026-0966 |
中危 |
0.10.4-13.el9 |
0.10.4-18.el9 |
libssh: libssh: Denial of Service via zero-length input in ssh_get_hexa()
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0966
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-03-26 21:17 修改: 2026-06-17 10:11
|
| libssh |
CVE-2026-0967 |
中危 |
0.10.4-13.el9 |
0.10.4-18.el9 |
libssh: libssh: Denial of Service via inefficient regular expression processing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0967
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-03-26 21:17 修改: 2026-06-17 10:11
|
| libssh |
CVE-2026-0968 |
中危 |
0.10.4-13.el9 |
0.10.4-18.el9 |
libssh: libssh: Denial of Service due to malformed SFTP message
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0968
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-03-26 21:17 修改: 2026-06-17 10:11
|
| python3-libs |
CVE-2024-5642 |
中危 |
3.9.21-2.el9_6.2 |
3.9.25-2.el9_7 |
python: Invalid value for OpenSSL API may cause Buffer over-read when NPN is used
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-5642
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2024-06-27 21:15 修改: 2026-06-17 08:16
|
| python3-libs |
CVE-2025-12084 |
中危 |
3.9.21-2.el9_6.2 |
3.9.25-3.el9_7 |
cpython: python: cpython: Quadratic algorithm in xml.dom.minidom leads to denial of service
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-12084
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2025-12-03 19:15 修改: 2026-06-17 08:31
|
| python3-libs |
CVE-2025-15366 |
中危 |
3.9.21-2.el9_6.2 |
3.9.25-3.el9_7.1 |
cpython: IMAP command injection in user-controlled commands
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15366
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2026-01-20 22:15 修改: 2026-07-09 18:16
|
| python3-libs |
CVE-2025-15367 |
中危 |
3.9.21-2.el9_6.2 |
3.9.25-3.el9_7.1 |
cpython: POP3 command injection in user-controlled commands
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-15367
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2026-01-20 22:15 修改: 2026-06-17 08:37
|
| python3-libs |
CVE-2025-6069 |
中危 |
3.9.21-2.el9_6.2 |
3.9.25-2.el9_7 |
cpython: Python HTMLParser quadratic complexity
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6069
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2025-06-17 14:15 修改: 2026-06-17 10:01
|
| python3-libs |
CVE-2025-6075 |
中危 |
3.9.21-2.el9_6.2 |
3.9.25-2.el9_7 |
python: Quadratic complexity in os.path.expandvars() with user-controlled template
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-6075
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2025-10-31 17:15 修改: 2026-06-17 10:01
|
| python3-libs |
CVE-2025-8291 |
中危 |
3.9.21-2.el9_6.2 |
3.9.25-2.el9_7 |
cpython: python: Python zipfile End of Central Directory (EOCD) Locator record offset not checked
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-8291
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2025-10-07 18:16 修改: 2026-06-17 10:06
|
| python3-libs |
CVE-2026-0865 |
中危 |
3.9.21-2.el9_6.2 |
3.9.25-3.el9_7.1 |
cpython: wsgiref.headers.Headers allows header newline injection in Python
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-0865
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2026-01-20 22:15 修改: 2026-06-17 10:11
|
| python3-libs |
CVE-2026-1299 |
中危 |
3.9.21-2.el9_6.2 |
3.9.25-3.el9_7.1 |
cpython: email header injection due to unquoted newlines
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-1299
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2026-01-23 17:16 修改: 2026-06-17 10:15
|
| libssh-config |
CVE-2025-4877 |
中危 |
0.10.4-13.el9 |
0.10.4-18.el9 |
libssh: Write beyond bounds in binary to base64 conversion functions
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4877
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2025-08-20 13:15 修改: 2026-06-30 11:16
|
| systemd |
CVE-2025-4598 |
中危 |
252-51.el9_6.2 |
252-55.el9_7.7.rocky.0.1 |
systemd-coredump: race condition that allows a local attacker to crash a SUID program and gain read access to the resulting core dump
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4598
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2025-05-30 14:15 修改: 2026-06-30 11:16
|
| systemd |
CVE-2026-29111 |
中危 |
252-51.el9_6.2 |
252-67.el9_8.2.rocky.0.1 |
systemd: systemd: Arbitrary code execution or Denial of Service via spurious IPC API call data
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-29111
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2026-03-23 22:16 修改: 2026-06-17 10:29
|
| systemd-libs |
CVE-2025-4598 |
中危 |
252-51.el9_6.2 |
252-55.el9_7.7.rocky.0.1 |
systemd-coredump: race condition that allows a local attacker to crash a SUID program and gain read access to the resulting core dump
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4598
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2025-05-30 14:15 修改: 2026-06-30 11:16
|
| systemd-libs |
CVE-2026-29111 |
中危 |
252-51.el9_6.2 |
252-67.el9_8.2.rocky.0.1 |
systemd: systemd: Arbitrary code execution or Denial of Service via spurious IPC API call data
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-29111
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2026-03-23 22:16 修改: 2026-06-17 10:29
|
| systemd-pam |
CVE-2025-4598 |
中危 |
252-51.el9_6.2 |
252-55.el9_7.7.rocky.0.1 |
systemd-coredump: race condition that allows a local attacker to crash a SUID program and gain read access to the resulting core dump
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4598
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2025-05-30 14:15 修改: 2026-06-30 11:16
|
| systemd-pam |
CVE-2026-29111 |
中危 |
252-51.el9_6.2 |
252-67.el9_8.2.rocky.0.1 |
systemd: systemd: Arbitrary code execution or Denial of Service via spurious IPC API call data
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-29111
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2026-03-23 22:16 修改: 2026-06-17 10:29
|
| systemd-rpm-macros |
CVE-2025-4598 |
中危 |
252-51.el9_6.2 |
252-55.el9_7.7.rocky.0.1 |
systemd-coredump: race condition that allows a local attacker to crash a SUID program and gain read access to the resulting core dump
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4598
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2025-05-30 14:15 修改: 2026-06-30 11:16
|
| systemd-rpm-macros |
CVE-2026-29111 |
中危 |
252-51.el9_6.2 |
252-67.el9_8.2.rocky.0.1 |
systemd: systemd: Arbitrary code execution or Denial of Service via spurious IPC API call data
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-29111
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2026-03-23 22:16 修改: 2026-06-17 10:29
|
| vim-common |
CVE-2025-53905 |
中危 |
2:8.2.2637-22.el9_6 |
2:8.2.2637-22.el9_6.1 |
vim: Vim path traversial
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-53905
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2025-07-15 21:15 修改: 2026-06-17 09:39
|
| vim-common |
CVE-2025-53906 |
中危 |
2:8.2.2637-22.el9_6 |
2:8.2.2637-22.el9_6.1 |
vim: Vim path traversal
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-53906
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2025-07-15 21:15 修改: 2026-06-17 09:39
|
| vim-enhanced |
CVE-2025-53905 |
中危 |
2:8.2.2637-22.el9_6 |
2:8.2.2637-22.el9_6.1 |
vim: Vim path traversial
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-53905
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2025-07-15 21:15 修改: 2026-06-17 09:39
|
| vim-enhanced |
CVE-2025-53906 |
中危 |
2:8.2.2637-22.el9_6 |
2:8.2.2637-22.el9_6.1 |
vim: Vim path traversal
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-53906
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2025-07-15 21:15 修改: 2026-06-17 09:39
|
| libssh-config |
CVE-2025-4878 |
中危 |
0.10.4-13.el9 |
0.10.4-18.el9 |
libssh: Use of uninitialized variable in privatekey_from_file()
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-4878
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2025-07-22 15:15 修改: 2026-06-30 11:16
|
| libssh-config |
CVE-2025-5318 |
中危 |
0.10.4-13.el9 |
0.10.4-15.el9_6 |
libssh: out-of-bounds read in sftp_handle()
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-5318
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2025-06-24 14:15 修改: 2026-06-30 11:16
|
| libssh-config |
CVE-2025-5351 |
中危 |
0.10.4-13.el9 |
0.10.4-18.el9 |
libssh: Double Free Vulnerability in libssh Key Export Functions
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-5351
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2025-07-04 09:15 修改: 2026-06-30 11:16
|
| libssh-config |
CVE-2025-5987 |
中危 |
0.10.4-13.el9 |
0.10.4-17.el9_7 |
libssh: Invalid return code for chacha20 poly1305 with OpenSSL backend
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-5987
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2025-07-07 15:15 修改: 2026-06-30 11:16
|
| vim-filesystem |
CVE-2025-53905 |
中危 |
2:8.2.2637-22.el9_6 |
2:8.2.2637-23.el9_7 |
vim: Vim path traversial
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-53905
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2025-07-15 21:15 修改: 2026-06-17 09:39
|
| vim-filesystem |
CVE-2025-53906 |
中危 |
2:8.2.2637-22.el9_6 |
2:8.2.2637-23.el9_7 |
vim: Vim path traversal
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-53906
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2025-07-15 21:15 修改: 2026-06-17 09:39
|
| vim-filesystem |
CVE-2026-25749 |
中危 |
2:8.2.2637-22.el9_6 |
2:8.2.2637-23.el9_7.1 |
vim: Vim: Arbitrary code execution via 'helpfile' option processing
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-25749
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2026-02-06 23:15 修改: 2026-06-17 10:25
|
| vim-filesystem |
CVE-2026-35177 |
中危 |
2:8.2.2637-22.el9_6 |
2:8.2.2637-26.el9_8.5 |
vim: zip.vim: Vim zip.vim plugin: Arbitrary file overwrite via path traversal bypass
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-35177
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2026-04-06 18:16 修改: 2026-06-17 10:40
|
| vim-filesystem |
CVE-2026-41411 |
中危 |
2:8.2.2637-22.el9_6 |
2:8.2.2637-26.el9_8.6 |
vim: Vim: Command injection allows arbitrary code execution via malicious tag files
漏洞详情: https://avd.aquasec.com/nvd/cve-2026-41411
镜像层: sha256:86e5c14aba52ce6585adaaa9000202385d4c98116ab8024c1ed8beb0b8385417
发布日期: 2026-04-24 17:16 修改: 2026-06-17 10:46
|
| libxml2 |
CVE-2024-34459 |
低危 |
2.9.13-9.el9_6 |
2.9.13-14.el9_8.1 |
libxml2: buffer over-read in xmlHTMLPrintFileContext in xmllint.c
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-34459
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2024-05-14 15:39 修改: 2026-06-17 07:33
|
| shadow-utils |
CVE-2024-56433 |
低危 |
2:4.9-12.el9 |
2:4.9-15.el9 |
shadow-utils: Default subordinate ID configuration in /etc/login.defs could lead to compromise
漏洞详情: https://avd.aquasec.com/nvd/cve-2024-56433
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2024-12-26 09:15 修改: 2026-06-17 08:12
|
| libtasn1 |
CVE-2025-13151 |
低危 |
4.16.0-9.el9 |
4.16.0-10.el9_8 |
libtasn1: libtasn1: Denial of Service via stack-based buffer overflow in asn1_expend_octet_string
漏洞详情: https://avd.aquasec.com/nvd/cve-2025-13151
镜像层: sha256:a8761e635a3e670539ea8da50d2e1fdb494f72a06358a38b0047b03e8ac0a538
发布日期: 2026-01-07 22:15 修改: 2026-06-17 08:33
|