Lucene search

K

BIG-IP (AFM, PEM) Security Vulnerabilities

vulnrichment
vulnrichment

CVE-2021-47266 RDMA/ipoib: Fix warning caused by destroying non-initial netns

In the Linux kernel, the following vulnerability has been resolved: RDMA/ipoib: Fix warning caused by destroying non-initial netns After the commit 5ce2dced8e95 ("RDMA/ipoib: Set rtnl_link_ops for ipoib interfaces"), if the IPoIB device is moved to non-initial netns, destroying that netns lets the....

6.7AI Score

0.0004EPSS

2024-05-21 02:19 PM
1
cvelist
cvelist

CVE-2021-47266 RDMA/ipoib: Fix warning caused by destroying non-initial netns

In the Linux kernel, the following vulnerability has been resolved: RDMA/ipoib: Fix warning caused by destroying non-initial netns After the commit 5ce2dced8e95 ("RDMA/ipoib: Set rtnl_link_ops for ipoib interfaces"), if the IPoIB device is moved to non-initial netns, destroying that netns lets the....

6.2AI Score

0.0004EPSS

2024-05-21 02:19 PM
githubexploit
githubexploit

Exploit for CVE-2024-27130

[![Profile...

7.2CVSS

7.9AI Score

0.0004EPSS

2024-05-21 11:14 AM
259
ibm
ibm

Security Bulletin: IBM Cloud Pak for Network Automation 2.7.3 addresses multiple security vulnerabilities

Summary IBM Cloud Pak for Network Automation 2.7.3 addresses multiple security vulnerabilities, listed in the CVEs below. Vulnerability Details ** CVEID: CVE-2024-30260 DESCRIPTION: **Node.js undici module could allow a remote authenticated attacker to obtain sensitive information, caused by a...

9.8CVSS

10AI Score

0.175EPSS

2024-05-21 09:37 AM
4
ubuntucve
ubuntucve

CVE-2023-52780

In the Linux kernel, the following vulnerability has been resolved: net: mvneta: fix calls to page_pool_get_stats Calling page_pool_get_stats in the mvneta driver without checks leads to kernel crashes. First the page pool is only available if the bm is not used. The page pool is also not...

6.4AI Score

0.0004EPSS

2024-05-21 12:00 AM
ubuntucve
ubuntucve

CVE-2021-47349

In the Linux kernel, the following vulnerability has been resolved: mwifiex: bring down link before deleting interface We can deadlock when rmmod'ing the driver or going through firmware reset, because the cfg80211_unregister_wdev() has to bring down the link for us, ... which then grab the same...

6.7AI Score

0.0004EPSS

2024-05-21 12:00 AM
1
ubuntucve
ubuntucve

CVE-2023-52828

In the Linux kernel, the following vulnerability has been resolved: bpf: Detect IP == ksym.end as part of BPF program Now that bpf_throw kfunc is the first such call instruction that has noreturn semantics within the verifier, this also kicks in dead code elimination in unprecedented ways. For...

6.7AI Score

0.0004EPSS

2024-05-21 12:00 AM
2
f5
f5

K000139700: Linux kernel usbmon vulnerability CVE-2022-43750

Security Advisory Description drivers/usb/mon/mon_bin.c in usbmon in the Linux kernel before 5.19.15 and 6.x before 6.0.1 allows a user-space client to corrupt the monitor's internal memory. (CVE-2022-43750) Impact This vulnerability may allow an attacker with local access to gain improper...

7.1AI Score

0.0004EPSS

2024-05-21 12:00 AM
4
nessus
nessus

F5 Networks BIG-IP : Python vulnerability (K000139685)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K000139685 advisory. An issue was discovered in Python before 3.8.18, 3.9.x before 3.9.18, 3.10.x before 3.10.13, and 3.11.x before...

5.3CVSS

7.2AI Score

0.0005EPSS

2024-05-21 12:00 AM
2
arista
arista

Security Advisory 0096

Security Advisory 0096 _._CSAF PDF Date: May 21, 2024 Revision | Date | Changes ---|---|--- 1.0 | May 21, 2024 | Initial release The CVE-ID tracking this issue: CVE-2023-5502 CVSSv3.1 Base Score: 5.9 (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N) Common Weakness Enumeration: CWE-287 Improper...

6.3AI Score

EPSS

2024-05-21 12:00 AM
1
ubuntucve
ubuntucve

CVE-2021-47371

In the Linux kernel, the following vulnerability has been resolved: nexthop: Fix memory leaks in nexthop notification chain listeners syzkaller discovered memory leaks [1] that can be reduced to the following commands: ip nexthop add id 1 blackhole # devlink dev reload pci/0000:06:00.0 As part of.....

6.6AI Score

0.0004EPSS

2024-05-21 12:00 AM
1
f5
f5

K000139698: Python vulnerabilities CVE-2016-5636, and CVE-2023-36632

Security Advisory Description CVE-2016-5636 Integer overflow in the get_data function in zipimport.c in CPython (aka Python) before 2.7.12, 3.x before 3.4.5, and 3.5.x before 3.5.2 allows remote attackers to have unspecified impact via a negative data size value, which triggers a heap-based...

8.3AI Score

0.028EPSS

2024-05-21 12:00 AM
15
trellix
trellix

Detecting and Visualizing Lateral Movement Attacks with Trellix XDR - Part 2

Detecting and Visualizing Lateral Movement Attacks with Trellix XDR - Part 2 By Chintan Shah, Maulik Maheta · May 21, 2024 Executive summary In the part 1 of this series we discussed in depth about the known Lateral movement attacks like abusing weak service permissions (T1574.011), NTDS.dit file.....

7.9AI Score

2024-05-21 12:00 AM
7
packetstorm

7.4AI Score

0.0004EPSS

2024-05-21 12:00 AM
96
nessus
nessus

F5 Networks BIG-IP : VPN TunnelVision vulnerability (K000139553)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K000139553 advisory. DHCP can add routes to a client's routing table via the classless static route option (121). VPN-based security...

7.6CVSS

7.3AI Score

0.0005EPSS

2024-05-21 12:00 AM
3
nessus
nessus

F5 Networks BIG-IP : Linux kernel usbmon vulnerability (K000139700)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K000139700 advisory. drivers/usb/mon/mon_bin.c in usbmon in the Linux kernel before 5.19.15 and 6.x before 6.0.1 allows a user- space...

6.7CVSS

7AI Score

0.0004EPSS

2024-05-21 12:00 AM
2
f5
f5

K000139691: Python vulnerabilities CVE-2022-48565, CVE-2018-1000802 and CVE-2016-9063

Security Advisory Description CVE-2022-48565 An XML External Entity (XXE) issue was discovered in Python through 3.9.1. The plistlib module no longer accepts entity declarations in XML plist files to avoid XML vulnerabilities. CVE-2018-1000802 Python Software Foundation Python (CPython)...

8.4AI Score

0.01EPSS

2024-05-21 12:00 AM
15
ubuntucve
ubuntucve

CVE-2021-47293

In the Linux kernel, the following vulnerability has been resolved: net/sched: act_skbmod: Skip non-Ethernet packets Currently tcf_skbmod_act() assumes that packets use Ethernet as their L2 protocol, which is not always the case. As an example, for CAN devices: $ ip link add dev vcan0 type vcan $.....

6.7AI Score

0.0004EPSS

2024-05-21 12:00 AM
1
ubuntucve
ubuntucve

CVE-2021-47276

In the Linux kernel, the following vulnerability has been resolved: ftrace: Do not blindly read the ip address in ftrace_bug() It was reported that a bug on arm64 caused a bad ip address to be used for updating into a nop in ftrace_init(), but the error path (rightfully) returned -EINVAL and not...

6.4AI Score

0.0004EPSS

2024-05-21 12:00 AM
2
ubuntucve
ubuntucve

CVE-2021-47340

In the Linux kernel, the following vulnerability has been resolved: jfs: fix GPF in diFree Avoid passing inode with JFS_SBI(inode->i_sb)->ipimap == NULL to diFree()[1]. GFP will appear: struct inode ipimap = JFS_SBI(ip->i_sb)->ipimap; struct inomap imap = JFS_IP(ipimap)->i_imap; JFS_...

6.5AI Score

0.0004EPSS

2024-05-21 12:00 AM
2
f5
f5

K000139685: Python vulnerability CVE-2023-40217

Security Advisory Description An issue was discovered in Python before 3.8.18, 3.9.x before 3.9.18, 3.10.x before 3.10.13, and 3.11.x before 3.11.5. It primarily affects servers (such as HTTP servers) that use TLS client authentication. If a TLS server-side socket is created, receives data into...

7AI Score

0.0005EPSS

2024-05-21 12:00 AM
5
ubuntucve
ubuntucve

CVE-2021-47266

In the Linux kernel, the following vulnerability has been resolved: RDMA/ipoib: Fix warning caused by destroying non-initial netns After the commit 5ce2dced8e95 ("RDMA/ipoib: Set rtnl_link_ops for ipoib interfaces"), if the IPoIB device is moved to non-initial netns, destroying that netns lets the....

6.4AI Score

0.0004EPSS

2024-05-21 12:00 AM
1
redhatcve
redhatcve

CVE-2024-35973

In the Linux kernel, the following vulnerability has been resolved: geneve: fix header validation in geneve[6]_xmit_skb syzbot is able to trigger an uninit-value in geneve_xmit() [1] Problem : While most ip tunnel helpers (like ip_tunnel_get_dsfield()) uses skb_protocol(skb, true),...

6.6AI Score

0.0004EPSS

2024-05-20 05:10 PM
4
redhatcve
redhatcve

CVE-2024-35942

In the Linux kernel, the following vulnerability has been resolved: pmdomain: imx8mp-blk-ctrl: imx8mp_blk: Add fdcc clock to hdmimix domain According to i.MX8MP RM and HDMI ADD, the fdcc clock is part of hdmi rx verification IP that should not enable for HDMI TX. But actually if the clock is...

6.5AI Score

0.0004EPSS

2024-05-20 04:23 PM
2
githubexploit
githubexploit

Exploit for OS Command Injection in Fortinet Fortisiem

CVE-2024-23108: Fortinet FortiSIEM Unauthenticated 2nd Order...

10CVSS

8.1AI Score

0.001EPSS

2024-05-20 02:34 PM
195
redhatcve
redhatcve

CVE-2024-35920

In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: adding lock to protect decoder context list Add a lock for the ctx_list, to avoid accessing a NULL pointer within the 'vpu_dec_ipi_handler' function when the ctx_list has been deleted due to an unexpected.....

6.5AI Score

0.0004EPSS

2024-05-20 02:20 PM
1
redhatcve
redhatcve

CVE-2024-35919

In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: adding lock to protect encoder context list Add a lock for the ctx_list, to avoid accessing a NULL pointer within the 'vpu_enc_ipi_handler' function when the ctx_list has been deleted due to an unexpected.....

6.5AI Score

0.0004EPSS

2024-05-20 02:20 PM
2
githubexploit
githubexploit

Exploit for Improper Restriction of Excessive Authentication Attempts in Netgate Pfsense Plus

[CVE-2023-27100 - pfSense Anti-brute force protection bypass]...

9.8CVSS

7.3AI Score

0.002EPSS

2024-05-20 01:35 PM
104
redhatcve
redhatcve

CVE-2024-35903

In the Linux kernel, the following vulnerability has been resolved: x86/bpf: Fix IP after emitting call depth accounting Adjust the IP passed to emit_patch so it calculates the correct offset for the CALL instruction if x86_call_depth_emit_accounting emits code. Otherwise we will skip some...

6.6AI Score

0.0004EPSS

2024-05-20 11:44 AM
7
nvd
nvd

CVE-2024-35973

In the Linux kernel, the following vulnerability has been resolved: geneve: fix header validation in geneve[6]_xmit_skb syzbot is able to trigger an uninit-value in geneve_xmit() [1] Problem : While most ip tunnel helpers (like ip_tunnel_get_dsfield()) uses skb_protocol(skb, true),...

6.4AI Score

0.0004EPSS

2024-05-20 10:15 AM
3
cve
cve

CVE-2024-35973

In the Linux kernel, the following vulnerability has been resolved: geneve: fix header validation in geneve[6]_xmit_skb syzbot is able to trigger an uninit-value in geneve_xmit() [1] Problem : While most ip tunnel helpers (like ip_tunnel_get_dsfield()) uses skb_protocol(skb, true),...

6.7AI Score

0.0004EPSS

2024-05-20 10:15 AM
28
debiancve
debiancve

CVE-2024-35973

In the Linux kernel, the following vulnerability has been resolved: geneve: fix header validation in geneve[6]_xmit_skb syzbot is able to trigger an uninit-value in geneve_xmit() [1] Problem : While most ip tunnel helpers (like ip_tunnel_get_dsfield()) uses skb_protocol(skb, true),...

6.7AI Score

0.0004EPSS

2024-05-20 10:15 AM
2
cvelist
cvelist

CVE-2024-35973 geneve: fix header validation in geneve[6]_xmit_skb

In the Linux kernel, the following vulnerability has been resolved: geneve: fix header validation in geneve[6]_xmit_skb syzbot is able to trigger an uninit-value in geneve_xmit() [1] Problem : While most ip tunnel helpers (like ip_tunnel_get_dsfield()) uses skb_protocol(skb, true),...

6.4AI Score

0.0004EPSS

2024-05-20 09:42 AM
vulnrichment
vulnrichment

CVE-2024-35973 geneve: fix header validation in geneve[6]_xmit_skb

In the Linux kernel, the following vulnerability has been resolved: geneve: fix header validation in geneve[6]_xmit_skb syzbot is able to trigger an uninit-value in geneve_xmit() [1] Problem : While most ip tunnel helpers (like ip_tunnel_get_dsfield()) uses skb_protocol(skb, true),...

6.8AI Score

0.0004EPSS

2024-05-20 09:42 AM
malwarebytes
malwarebytes

A week in security (May 13 – May 19)

Last week on Malwarebytes Labs: Deleted iPhone photos show up again after iOS update Scammers can easily phish your multi-factor authentication codes. Here’s how to avoid it Notorious data leak site BreachForums seized by law enforcement Apple and Google join forces to stop unwanted tracking...

6.9AI Score

2024-05-20 07:04 AM
5
githubexploit
githubexploit

Exploit for CVE-2024-22120

CVE-2024-22120 ToolKit Affected Version/s ``` 6.0.0 -...

9.1CVSS

6.9AI Score

0.0004EPSS

2024-05-20 03:29 AM
277
githubexploit
githubexploit

Exploit for CVE-2024-20356

CVE-2024-20356 This is a proof of concept for CVE-2024-20356,...

7.7AI Score

2024-05-20 12:57 AM
100
nessus
nessus

F5 Networks BIG-IP : Python vulnerabilities (K000139698)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the K000139698 advisory. Integer overflow in the get_data function in zipimport.c in CPython (aka Python) before 2.7.12, 3.x...

7.5CVSS

8AI Score

0.028EPSS

2024-05-20 12:00 AM
2
f5
f5

K000139680: MySQL2 vulnerability CVE-2024-21508

Security Advisory Description Versions of the package mysql2 before 3.9.4 are vulnerable to Remote Code Execution (RCE) via the readCodeFor function due to improper validation of the supportBigNumbers and bigNumberStrings values. (CVE-2024-21508) Impact There is no impact; F5 products are not...

7.8AI Score

0.0004EPSS

2024-05-20 12:00 AM
7
f5
f5

K000139682: Speculative race conditions vulnerabilities CVE-2024-2193 and CVE-2024-26602

Security Advisory Description CVE-2024-2193 A Speculative Race Condition (SRC) vulnerability that impacts modern CPU architectures supporting speculative execution (related to Spectre V1) has been disclosed. An unauthenticated attacker can exploit this vulnerability to disclose arbitrary data...

5.5AI Score

0.0004EPSS

2024-05-20 12:00 AM
8
nessus
nessus

F5 Networks BIG-IP : Speculative race conditions vulnerabilities (K000139682)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the K000139682 advisory. A Speculative Race Condition (SRC) vulnerability that impacts modern CPU architectures supporting ...

5.5CVSS

7.8AI Score

0.0004EPSS

2024-05-20 12:00 AM
1
nessus
nessus

F5 Networks BIG-IP : Python vulnerabilities (K000139691)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the K000139691 advisory. An XML External Entity (XXE) issue was discovered in Python through 3.9.1. The plistlib module no longer ...

9.8CVSS

8.2AI Score

0.01EPSS

2024-05-20 12:00 AM
2
f5
f5

K000139678: MySQL Server vulnerability CVE-2024-21055

Security Advisory Description Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.35 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to...

6AI Score

0.0004EPSS

2024-05-20 12:00 AM
7
f5
f5

K000139684: AMD processors vulnerability CVE-2023-20569

Security Advisory Description A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled address, potentially leading to information disclosure. (CVE-2023-20569) Impact...

6.3AI Score

0.0004EPSS

2024-05-20 12:00 AM
5
ubuntucve
ubuntucve

CVE-2024-35973

In the Linux kernel, the following vulnerability has been resolved: geneve: fix header validation in geneve[6]_xmit_skb syzbot is able to trigger an uninit-value in geneve_xmit() [1] Problem : While most ip tunnel helpers (like ip_tunnel_get_dsfield()) uses skb_protocol(skb, true),...

6.7AI Score

0.0004EPSS

2024-05-20 12:00 AM
6
f5
f5

K000139692: Websense vulnerabilities CVE-2006-2035 and CVE-2010-5144

Security Advisory Description CVE-2006-2035 Websense, when configured to permit access to the dynamic content category, allows local users to bypass intended blocking of the Uncategorized category by appending a "/?" sequence to a URL. CVE-2010-5144 The ISAPI Filter plug-in in Websense...

7.1AI Score

0.002EPSS

2024-05-20 12:00 AM
3
debiancve
debiancve

CVE-2024-35942

In the Linux kernel, the following vulnerability has been resolved: pmdomain: imx8mp-blk-ctrl: imx8mp_blk: Add fdcc clock to hdmimix domain According to i.MX8MP RM and HDMI ADD, the fdcc clock is part of hdmi rx verification IP that should not enable for HDMI TX. But actually if the clock is...

7.1AI Score

0.0004EPSS

2024-05-19 11:15 AM
3
nvd
nvd

CVE-2024-35942

In the Linux kernel, the following vulnerability has been resolved: pmdomain: imx8mp-blk-ctrl: imx8mp_blk: Add fdcc clock to hdmimix domain According to i.MX8MP RM and HDMI ADD, the fdcc clock is part of hdmi rx verification IP that should not enable for HDMI TX. But actually if the clock is...

6.5AI Score

0.0004EPSS

2024-05-19 11:15 AM
cve
cve

CVE-2024-35942

In the Linux kernel, the following vulnerability has been resolved: pmdomain: imx8mp-blk-ctrl: imx8mp_blk: Add fdcc clock to hdmimix domain According to i.MX8MP RM and HDMI ADD, the fdcc clock is part of hdmi rx verification IP that should not enable for HDMI TX. But actually if the clock is...

6.7AI Score

0.0004EPSS

2024-05-19 11:15 AM
27
nvd
nvd

CVE-2024-35919

In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: adding lock to protect encoder context list Add a lock for the ctx_list, to avoid accessing a NULL pointer within the 'vpu_enc_ipi_handler' function when the ctx_list has been deleted due to an unexpected.....

6.5AI Score

0.0004EPSS

2024-05-19 11:15 AM
Total number of security vulnerabilities70354