F5 Networks BIG-IP : BIG-IP TMM SSL vulnerability (K000133132)

The version of F5 Networks BIG-IP installed on the remote host is prior to 15.1.5 / 16.1.2.1 / 17.0.0. It is, therefore, affected by a vulnerability as referenced in the K000133132 advisory. - When an SSL profile is configured on a Virtual Server, undisclosed traffic can cause an increase in CPU ...

Accelerate compliance with the Landing Zone Accelerator on AWS

Increasing complex compliance requirements is placing a heavy burden on security leaders. To better support organizations' pursuit of FedRAMP High Compliance, AWS launched the Landing Zone Accelerator on AWS. We conducted a thorough evaluation of the solution and shared our findings in the new LZ...

mipjz 跨站脚本漏洞

mipjz is sansanyun individual developers of a set of Baidu Mobile Accelerator MIP-based content management system . A security vulnerability exists in mipjz version v5.0.5, which stems from a stored cross-site scripting XSS vulnerability that allows an attacker to execute arbitrary web script or...

CVE-2023-24594

When an SSL profile is configured on a Virtual Server, undisclosed traffic can cause an increase in CPU or SSL accelerator resource utilization. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

CVE-2023-24594

When an SSL profile is configured on a Virtual Server, undisclosed traffic can cause an increase in CPU or SSL accelerator resource utilization. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

Code injection

When an SSL profile is configured on a Virtual Server, undisclosed traffic can cause an increase in CPU or SSL accelerator resource utilization. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

CVE-2023-24594 BIG-IP TMM SSL vulnerability

When an SSL profile is configured on a Virtual Server, undisclosed traffic can cause an increase in CPU or SSL accelerator resource utilization. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

CVE-2023-24594

CVE-2023-24594 affects F5 BIG-IP: when an SSL profile is configured on a Virtual Server, undisclosed traffic can cause increased CPU/SSL accelerator resource utilization (data-plane DoS). Affected BIG-IP branches include 17.x (fix: 17.0.0), 16.x (fix: 16.1.2.1), 15.x (fix: 15.1.5), 14.x (fix: 14....

PT-2023-19697 · F5 · Big-Ip

Name of the Vulnerable Software and Affected Versions: BIG-IP versions prior to 17.0.0 Description: When an SSL profile is configured on a Virtual Server, undisclosed traffic can cause an increase in CPU or SSL accelerator resource utilization. Recommendations: For versions prior to 17.0.0, updat...

VulnCheck KEV: CVE-2023-28206

Apple iOS, iPadOS, and macOS IOSurfaceAccelerator contain an out-of-bounds write vulnerability that allows an app to execute code with kernel privileges...

openssl-ibmca bug fix and enhancement update

An update is available for openssl-ibmca. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The openssl-ibmca package provides a dynamic OpenSSL engine for the IBM...

PT-2023-35690 · Git +1 · Harfbuzz

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a global buffer overflow read error. Technical details include a crash state involving the OT::gvar::accelerator t::apply deltas ...

Security Bulletin: Multiple Vulnerabilities in Json4j Affects Watson Machine Learning Accelerator

Summary Watson Machine Learning Accelerator is affected by multiple json4j CVEs CVE-2022-23529, CVE-2022-23539, CVE-2022-23540, CVE-2022-23541, CVE-2022-45690, CVE-2022-46175, CVE-2022-4742. We fixed by removing json4j. Vulnerability Details Refer to the security bulletins listed in the...

K52521791: vCMP Cavium Nitrox SSL hardware accelerator vulnerability CVE-2018-5507

Security Advisory Description vCMP guests running on VIPRION 2100, 4200 and 4300 series blades cannot correctly decrypt ciphertext from established SSL sessions with small MTU. CVE-2018-5507 Impact BIG-IP The affected SSL connections are terminated unexpectedly. ARX / BIG-IQ / Enterprise Manager ...

Important: Red Hat Security Advisory: rh-varnish6-varnish security update

An update for rh-varnish6-varnish is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

kernel: crypto: qat - fix DMA transfer direction

In the Linux kernel, the following vulnerability has been resolved: crypto: qat - fix DMA transfer direction When CONFIGDMAAPIDEBUG is selected, while running the crypto self test on the QAT crypto algorithms, the function adddmaentry reports a warning similar to the one below, saying that...

[SECURITY] [DSA 5334-1] varnish security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5334-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso January 29, 2023 https://www.debian.org/security/faq -...

Important: Red Hat Security Advisory: varnish:6 security update

An update for the varnish:6 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Important: Red Hat Security Advisory: varnish:6 security update

An update for the varnish:6 module is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

Important: Red Hat Security Advisory: varnish:6 security update

An update for the varnish:6 module is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as havin...