Lucene search

K

BIG-IP (AFM, ASM) Security Vulnerabilities

redhat
redhat

(RHSA-2024:2981) Moderate: frr security update

FRRouting is free software that manages TCP/IP based routing protocols. It supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR, EIGRP and BFD. Security Fix(es): frr: missing length check in bgp_attr_psid_sub() can lead do DoS (CVE-2023-31490) frr: processes invalid NLRIs if...

6.6AI Score

0.005EPSS

2024-05-22 06:35 AM
4
cvelist
cvelist

CVE-2021-47452 netfilter: nf_tables: skip netdev events generated on netns removal

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: skip netdev events generated on netns removal syzbot reported following (harmless) WARN: WARNING: CPU: 1 PID: 2648 at net/netfilter/core.c:468 nft_netdev_unregister_hooks net/netfilter/nf_tables_api.c:230...

6.4AI Score

0.0004EPSS

2024-05-22 06:19 AM
1
vulnrichment
vulnrichment

CVE-2021-47452 netfilter: nf_tables: skip netdev events generated on netns removal

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: skip netdev events generated on netns removal syzbot reported following (harmless) WARN: WARNING: CPU: 1 PID: 2648 at net/netfilter/core.c:468 nft_netdev_unregister_hooks net/netfilter/nf_tables_api.c:230...

6.8AI Score

0.0004EPSS

2024-05-22 06:19 AM
cvelist
cvelist

CVE-2021-47448 mptcp: fix possible stall on recvmsg()

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix possible stall on recvmsg() recvmsg() can enter an infinite loop if the caller provides the MSG_WAITALL, the data present in the receive queue is not sufficient to fulfill the request, and no more data is received by...

6.5AI Score

0.0004EPSS

2024-05-22 06:19 AM
packetstorm

7.4AI Score

0.002EPSS

2024-05-22 12:00 AM
174
osv
osv

Moderate: traceroute security update

The traceroute utility displays the route used by IP packets on their way to a specified network (or Internet) host. Security Fix(es): traceroute: improper command line parsing (CVE-2023-46316) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and...

5.5CVSS

6.6AI Score

0.0004EPSS

2024-05-22 12:00 AM
1
nessus
nessus

Fortinet Fortigate (FG-IR-23-225)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-23-225 advisory. An insufficient verification of data authenticity vulnerability [CWE-345] in Fortinet FortiOS SSL-VPN tunnel mode version...

5CVSS

6.8AI Score

0.0004EPSS

2024-05-22 12:00 AM
3
ubuntucve
ubuntucve

CVE-2021-47448

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix possible stall on recvmsg() recvmsg() can enter an infinite loop if the caller provides the MSG_WAITALL, the data present in the receive queue is not sufficient to fulfill the request, and no more data is received by...

6.8AI Score

0.0004EPSS

2024-05-22 12:00 AM
3
osv
osv

Important: bind and dhcp security update

The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. The...

7.5CVSS

6.8AI Score

0.05EPSS

2024-05-22 12:00 AM
4
osv
osv

Moderate: frr security update

FRRouting is free software that manages TCP/IP based routing protocols. It supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR, EIGRP and BFD. Security Fix(es): frr: missing length check in bgp_attr_psid_sub() can lead do DoS (CVE-2023-31490) frr: processes invalid NLRIs if attribute...

7.5CVSS

6.6AI Score

0.005EPSS

2024-05-22 12:00 AM
1
almalinux
almalinux

Moderate: traceroute security update

The traceroute utility displays the route used by IP packets on their way to a specified network (or Internet) host. Security Fix(es): traceroute: improper command line parsing (CVE-2023-46316) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and...

5.5CVSS

6.7AI Score

0.0004EPSS

2024-05-22 12:00 AM
1
almalinux
almalinux

Moderate: perl:5.32 security update

Perl is a high-level programming language that is commonly used for system administration utilities and web programming. Security Fix(es): perl: Write past buffer end via illegal user-defined Unicode property (CVE-2023-47038) For more details about the security issue(s), including the impact, a...

7.8CVSS

6.8AI Score

0.0004EPSS

2024-05-22 12:00 AM
5
almalinux
almalinux

Moderate: frr security update

FRRouting is free software that manages TCP/IP based routing protocols. It supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR, EIGRP and BFD. Security Fix(es): frr: missing length check in bgp_attr_psid_sub() can lead do DoS (CVE-2023-31490) frr: processes invalid NLRIs if attribute...

7.5CVSS

6.7AI Score

0.005EPSS

2024-05-22 12:00 AM
1
almalinux
almalinux

Important: bind and dhcp security update

The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. The...

7.5CVSS

6.8AI Score

0.05EPSS

2024-05-22 12:00 AM
2
ubuntucve
ubuntucve

CVE-2021-47452

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: skip netdev events generated on netns removal syzbot reported following (harmless) WARN: WARNING: CPU: 1 PID: 2648 at net/netfilter/core.c:468 nft_netdev_unregister_hooks net/netfilter/nf_tables_api.c:230...

6.5AI Score

0.0004EPSS

2024-05-22 12:00 AM
4
nessus
nessus

CentOS 8 : python-dns (CESA-2024:3275)

The remote CentOS Linux 8 host has a package installed that is affected by a vulnerability as referenced in the CESA-2024:3275 advisory. eventlet before 0.35.2, as used in dnspython before 2.6.0, allows remote attackers to interfere with DNS name resolution by quickly sending an invalid...

6.5AI Score

0.0004EPSS

2024-05-22 12:00 AM
3
zdt
zdt

CHAOS 5.0.8 Cross Site Scripting / Remote Command Execution Exploit

CHAOS version 5.0.8 is a free and open-source Remote Administration Tool that allows generated binaries to control remote operating systems. The web application contains a remote command execution vulnerability which can be triggered by an authenticated user when generating a new executable. The...

6.2AI Score

0.0004EPSS

2024-05-22 12:00 AM
185
wallarmlab
wallarmlab

Vulnerabilities in BIG-IP Next Central Manager allows control of managed devices

Introduction In May 2024, new vulnerabilities have been identified in BIG-IP Next Central Manager, raising considerable security concerns. This discovery follows closely on the heels of a critical vulnerability revealed in April within Palo Alto's firewalls with enabled GlobalProtect feature,...

7.5CVSS

8.6AI Score

0.0004EPSS

2024-05-21 04:56 PM
13
ibm
ibm

Security Bulletin: IBM Storage Fusion HCI is vulnerable to arbitrary code execution due to Node.js IP package.

Summary IP from Node.js is used by IBM Storage Fusion HCI as part of the Backup and Restore service and is vulnerable to the CVE listed below. CVE-2023-42282. Vulnerability Details ** CVEID: CVE-2023-42282 DESCRIPTION: **Node.js IP package could allow a remote attacker to execute arbitrary code...

9.8CVSS

8AI Score

0.001EPSS

2024-05-21 04:27 PM
11
ibm
ibm

Security Bulletin: IBM Storage Fusion is vulnerable to arbitrary code execution due to Node.js IP package.

Summary IP from Node.js is used by IBM Storage Fusion as part of the Backup and Restore service and is vulnerable to the CVE listed below. CVE-2023-42282. Vulnerability Details ** CVEID: CVE-2023-42282 DESCRIPTION: **Node.js IP package could allow a remote attacker to execute arbitrary code on...

9.8CVSS

8AI Score

0.001EPSS

2024-05-21 04:25 PM
9
nvd
nvd

CVE-2023-52874

In the Linux kernel, the following vulnerability has been resolved: x86/tdx: Zero out the missing RSI in TDX_HYPERCALL macro In the TDX_HYPERCALL asm, after the TDCALL instruction returns from the untrusted VMM, the registers that the TDX guest shares to the VMM need to be cleared to avoid...

6.5AI Score

0.0004EPSS

2024-05-21 04:15 PM
cve
cve

CVE-2023-52874

In the Linux kernel, the following vulnerability has been resolved: x86/tdx: Zero out the missing RSI in TDX_HYPERCALL macro In the TDX_HYPERCALL asm, after the TDCALL instruction returns from the untrusted VMM, the registers that the TDX guest shares to the VMM need to be cleared to avoid...

6.7AI Score

0.0004EPSS

2024-05-21 04:15 PM
26
debiancve
debiancve

CVE-2023-52874

In the Linux kernel, the following vulnerability has been resolved: x86/tdx: Zero out the missing RSI in TDX_HYPERCALL macro In the TDX_HYPERCALL asm, after the TDCALL instruction returns from the untrusted VMM, the registers that the TDX guest shares to the VMM need to be cleared to avoid...

6.6AI Score

0.0004EPSS

2024-05-21 04:15 PM
1
cve
cve

CVE-2023-52828

In the Linux kernel, the following vulnerability has been resolved: bpf: Detect IP == ksym.end as part of BPF program Now that bpf_throw kfunc is the first such call instruction that has noreturn semantics within the verifier, this also kicks in dead code elimination in unprecedented ways. For...

6.5AI Score

0.0004EPSS

2024-05-21 04:15 PM
25
debiancve
debiancve

CVE-2023-52828

In the Linux kernel, the following vulnerability has been resolved: bpf: Detect IP == ksym.end as part of BPF program Now that bpf_throw kfunc is the first such call instruction that has noreturn semantics within the verifier, this also kicks in dead code elimination in unprecedented ways. For...

6.7AI Score

0.0004EPSS

2024-05-21 04:15 PM
1
nvd
nvd

CVE-2023-52828

In the Linux kernel, the following vulnerability has been resolved: bpf: Detect IP == ksym.end as part of BPF program Now that bpf_throw kfunc is the first such call instruction that has noreturn semantics within the verifier, this also kicks in dead code elimination in unprecedented ways. For...

6.3AI Score

0.0004EPSS

2024-05-21 04:15 PM
nvd
nvd

CVE-2023-52796

In the Linux kernel, the following vulnerability has been resolved: ipvlan: add ipvlan_route_v6_outbound() helper Inspired by syzbot reports using a stack of multiple ipvlan devices. Reduce stack size needed in ipvlan_process_v6_outbound() by moving the flowi6 struct used for the route lookup in...

6.5AI Score

0.0004EPSS

2024-05-21 04:15 PM
2
cve
cve

CVE-2023-52796

In the Linux kernel, the following vulnerability has been resolved: ipvlan: add ipvlan_route_v6_outbound() helper Inspired by syzbot reports using a stack of multiple ipvlan devices. Reduce stack size needed in ipvlan_process_v6_outbound() by moving the flowi6 struct used for the route lookup in...

6.7AI Score

0.0004EPSS

2024-05-21 04:15 PM
29
debiancve
debiancve

CVE-2023-52796

In the Linux kernel, the following vulnerability has been resolved: ipvlan: add ipvlan_route_v6_outbound() helper Inspired by syzbot reports using a stack of multiple ipvlan devices. Reduce stack size needed in ipvlan_process_v6_outbound() by moving the flowi6 struct used for the route lookup...

6.6AI Score

0.0004EPSS

2024-05-21 04:15 PM
debiancve
debiancve

CVE-2023-52780

In the Linux kernel, the following vulnerability has been resolved: net: mvneta: fix calls to page_pool_get_stats Calling page_pool_get_stats in the mvneta driver without checks leads to kernel crashes. First the page pool is only available if the bm is not used. The page pool is also not...

6.5AI Score

0.0004EPSS

2024-05-21 04:15 PM
2
cve
cve

CVE-2023-52770

In the Linux kernel, the following vulnerability has been resolved: f2fs: split initial and dynamic conditions for extent_cache Let's allocate the extent_cache tree without dynamic conditions to avoid a missing condition causing a panic as below. # create a file w/ a compressed flag # disable the.....

6.7AI Score

0.0004EPSS

2024-05-21 04:15 PM
24
nvd
nvd

CVE-2023-52780

In the Linux kernel, the following vulnerability has been resolved: net: mvneta: fix calls to page_pool_get_stats Calling page_pool_get_stats in the mvneta driver without checks leads to kernel crashes. First the page pool is only available if the bm is not used. The page pool is also not...

6.3AI Score

0.0004EPSS

2024-05-21 04:15 PM
nvd
nvd

CVE-2023-52770

In the Linux kernel, the following vulnerability has been resolved: f2fs: split initial and dynamic conditions for extent_cache Let's allocate the extent_cache tree without dynamic conditions to avoid a missing condition causing a panic as below. # create a file w/ a compressed flag # disable the.....

6.5AI Score

0.0004EPSS

2024-05-21 04:15 PM
cve
cve

CVE-2023-52780

In the Linux kernel, the following vulnerability has been resolved: net: mvneta: fix calls to page_pool_get_stats Calling page_pool_get_stats in the mvneta driver without checks leads to kernel crashes. First the page pool is only available if the bm is not used. The page pool is also not...

6.5AI Score

0.0004EPSS

2024-05-21 04:15 PM
27
debiancve
debiancve

CVE-2023-52770

In the Linux kernel, the following vulnerability has been resolved: f2fs: split initial and dynamic conditions for extent_cache Let's allocate the extent_cache tree without dynamic conditions to avoid a missing condition causing a panic as below. # create a file w/ a compressed flag # disable...

6.6AI Score

0.0004EPSS

2024-05-21 04:15 PM
1
debiancve
debiancve

CVE-2023-52761

In the Linux kernel, the following vulnerability has been resolved: riscv: VMAP_STACK overflow detection thread-safe commit 31da94c25aea ("riscv: add VMAP_STACK overflow detection") added support for CONFIG_VMAP_STACK. If overflow is detected, CPU switches to shadow_stack temporarily before...

7.3AI Score

0.0004EPSS

2024-05-21 04:15 PM
2
cve
cve

CVE-2023-52761

In the Linux kernel, the following vulnerability has been resolved: riscv: VMAP_STACK overflow detection thread-safe commit 31da94c25aea ("riscv: add VMAP_STACK overflow detection") added support for CONFIG_VMAP_STACK. If overflow is detected, CPU switches to shadow_stack temporarily before...

6.9AI Score

0.0004EPSS

2024-05-21 04:15 PM
25
nvd
nvd

CVE-2023-52761

In the Linux kernel, the following vulnerability has been resolved: riscv: VMAP_STACK overflow detection thread-safe commit 31da94c25aea ("riscv: add VMAP_STACK overflow detection") added support for CONFIG_VMAP_STACK. If overflow is detected, CPU switches to shadow_stack temporarily before...

6.7AI Score

0.0004EPSS

2024-05-21 04:15 PM
debiancve
debiancve

CVE-2023-52737

In the Linux kernel, the following vulnerability has been resolved: btrfs: lock the inode in shared mode before starting fiemap Currently fiemap does not take the inode's lock (VFS lock), it only locks a file range in the inode's io tree. This however can lead to a deadlock if we have a...

7.3AI Score

0.0004EPSS

2024-05-21 04:15 PM
cve
cve

CVE-2023-52737

In the Linux kernel, the following vulnerability has been resolved: btrfs: lock the inode in shared mode before starting fiemap Currently fiemap does not take the inode's lock (VFS lock), it only locks a file range in the inode's io tree. This however can lead to a deadlock if we have a concurrent....

7AI Score

0.0004EPSS

2024-05-21 04:15 PM
25
nvd
nvd

CVE-2023-52737

In the Linux kernel, the following vulnerability has been resolved: btrfs: lock the inode in shared mode before starting fiemap Currently fiemap does not take the inode's lock (VFS lock), it only locks a file range in the inode's io tree. This however can lead to a deadlock if we have a concurrent....

6.8AI Score

0.0004EPSS

2024-05-21 04:15 PM
cvelist
cvelist

CVE-2023-52874 x86/tdx: Zero out the missing RSI in TDX_HYPERCALL macro

In the Linux kernel, the following vulnerability has been resolved: x86/tdx: Zero out the missing RSI in TDX_HYPERCALL macro In the TDX_HYPERCALL asm, after the TDCALL instruction returns from the untrusted VMM, the registers that the TDX guest shares to the VMM need to be cleared to avoid...

6.4AI Score

0.0004EPSS

2024-05-21 03:32 PM
cvelist
cvelist

CVE-2023-52828 bpf: Detect IP == ksym.end as part of BPF program

In the Linux kernel, the following vulnerability has been resolved: bpf: Detect IP == ksym.end as part of BPF program Now that bpf_throw kfunc is the first such call instruction that has noreturn semantics within the verifier, this also kicks in dead code elimination in unprecedented ways. For...

6.3AI Score

0.0004EPSS

2024-05-21 03:31 PM
vulnrichment
vulnrichment

CVE-2023-52828 bpf: Detect IP == ksym.end as part of BPF program

In the Linux kernel, the following vulnerability has been resolved: bpf: Detect IP == ksym.end as part of BPF program Now that bpf_throw kfunc is the first such call instruction that has noreturn semantics within the verifier, this also kicks in dead code elimination in unprecedented ways. For...

6.7AI Score

0.0004EPSS

2024-05-21 03:31 PM
cvelist
cvelist

CVE-2023-52796 ipvlan: add ipvlan_route_v6_outbound() helper

In the Linux kernel, the following vulnerability has been resolved: ipvlan: add ipvlan_route_v6_outbound() helper Inspired by syzbot reports using a stack of multiple ipvlan devices. Reduce stack size needed in ipvlan_process_v6_outbound() by moving the flowi6 struct used for the route lookup in...

6.4AI Score

0.0004EPSS

2024-05-21 03:31 PM
vulnrichment
vulnrichment

CVE-2023-52796 ipvlan: add ipvlan_route_v6_outbound() helper

In the Linux kernel, the following vulnerability has been resolved: ipvlan: add ipvlan_route_v6_outbound() helper Inspired by syzbot reports using a stack of multiple ipvlan devices. Reduce stack size needed in ipvlan_process_v6_outbound() by moving the flowi6 struct used for the route lookup in...

6.8AI Score

0.0004EPSS

2024-05-21 03:31 PM
cvelist
cvelist

CVE-2023-52780 net: mvneta: fix calls to page_pool_get_stats

In the Linux kernel, the following vulnerability has been resolved: net: mvneta: fix calls to page_pool_get_stats Calling page_pool_get_stats in the mvneta driver without checks leads to kernel crashes. First the page pool is only available if the bm is not used. The page pool is also not...

6.3AI Score

0.0004EPSS

2024-05-21 03:30 PM
vulnrichment
vulnrichment

CVE-2023-52780 net: mvneta: fix calls to page_pool_get_stats

In the Linux kernel, the following vulnerability has been resolved: net: mvneta: fix calls to page_pool_get_stats Calling page_pool_get_stats in the mvneta driver without checks leads to kernel crashes. First the page pool is only available if the bm is not used. The page pool is also not...

6.7AI Score

0.0004EPSS

2024-05-21 03:30 PM
cvelist
cvelist

CVE-2023-52770 f2fs: split initial and dynamic conditions for extent_cache

In the Linux kernel, the following vulnerability has been resolved: f2fs: split initial and dynamic conditions for extent_cache Let's allocate the extent_cache tree without dynamic conditions to avoid a missing condition causing a panic as below. # create a file w/ a compressed flag # disable the.....

6.4AI Score

0.0004EPSS

2024-05-21 03:30 PM
vulnrichment
vulnrichment

CVE-2023-52761 riscv: VMAP_STACK overflow detection thread-safe

In the Linux kernel, the following vulnerability has been resolved: riscv: VMAP_STACK overflow detection thread-safe commit 31da94c25aea ("riscv: add VMAP_STACK overflow detection") added support for CONFIG_VMAP_STACK. If overflow is detected, CPU switches to shadow_stack temporarily before...

7AI Score

0.0004EPSS

2024-05-21 03:30 PM
Total number of security vulnerabilities72055