EUVD-2026-29976

When an SSL profile is configured on a virtual server on BIG-IP Virtual Edition VE without Intel QuickAssist Technology QAT or on BIG-IP hardware platforms with the database variable crypto.hwacceleration set to disabled, undisclosed traffic can cause the Traffic Management Microkernel TMM to...

EUVD-2021-10162

Malware in sbrugna...

Your Compiler Is Backdooring Your Model: Understanding and Exploiting Compilation Inconsistency Vulnerabilities in Deep Learning Compilers

Deep learning DL compilers are core infrastructure in modern DL systems, offering flexibility and scalability beyond vendor-specific libraries. This work uncovers a fundamental vulnerability in their design: can an official, unmodified compiler alter a model's semantics during compilation and...

CVE-2024-9472 PAN-OS: Firewall Denial of Service (DoS) Using Specially Crafted Traffic

A null pointer dereference in Palo Alto Networks PAN-OS software on PA-800 Series, PA-3200 Series, PA-5200 Series, and PA-7000 Series hardware platforms when Decryption policy is enabled allows an unauthenticated attacker to crash PAN-OS by sending specific traffic through the data plane, resulti...

PT-2024-8351 · Palo Alto Networks · Pan-Os

Name of the Vulnerable Software and Affected Versions: Palo Alto Networks PAN-OS versions 10.2.7-h12 through 11.2.2-h1 Description: A null pointer dereference in Palo Alto Networks PAN-OS software on PA-800 Series, PA-3200 Series, PA-5200 Series, and PA-7000 Series hardware platforms when...

CVE-2021-27795

Brocade Fabric OS FOS hardware platforms running any version of Brocade Fabric OS software, which supports the license string format; contain cryptographic issues that could allow for the installation of forged or fraudulent license keys. This would allow attackers or a malicious party to forge a...

CVE-2023-3470

Specific F5 BIG-IP platforms with Cavium Nitrox FIPS HSM cards generate a deterministic password for the Crypto User account. The predictable nature of the password allows an authenticated user with TMSH access to the BIG-IP system, or anyone with physical access to the FIPS HSM, the information...

Default credentials

Specific F5 BIG-IP platforms with Cavium Nitrox FIPS HSM cards generate a deterministic password for the Crypto User account. The predictable nature of the password allows an authenticated user with TMSH access to the BIG-IP system, or anyone with physical access to the FIPS HSM, the information...

CVE-2023-3470 BIG-IP FIPS HSM password vulnerability CVE-2023-3470

Specific F5 BIG-IP platforms with Cavium Nitrox FIPS HSM cards generate a deterministic password for the Crypto User account. The predictable nature of the password allows an authenticated user with TMSH access to the BIG-IP system, or anyone with physical access to the FIPS HSM, the information...

CVE-2023-3470 BIG-IP FIPS HSM password vulnerability CVE-2023-3470

Specific F5 BIG-IP platforms with Cavium Nitrox FIPS HSM cards generate a deterministic password for the Crypto User account. The predictable nature of the password allows an authenticated user with TMSH access to the BIG-IP system, or anyone with physical access to the FIPS HSM, the information...

ALSA-2023:3822 Moderate: virt:rhel and virt-devel:rhel security and bug fix update

Kernel-based Virtual Machine KVM offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the...

Rocky Linux and virt-devel:Rocky Linux bug fix update

An update is available for sgabios, module.hivex, module.libvirt, module.virt-v2v, hivex, perl-Sys-Virt, module.libguestfs, module.nbdkit, netcf, swtpm, module.qemu-kvm, module.seabios, module.libvirt-python, virt-v2v, libtpms, module.supermin, libvirt-dbus, qemu-kvm, supermin, module.libvirt-dbu...

K16162257: Intel BIOS vulnerability CVE-2021-0154

Security Advisory Description Improper input validation in the BIOS firmware for some IntelR Processors may allow a privileged user to potentially enable an escalation of privilege via local access. CVE-2021-0154 Impact A local attacker logged in as a privileged user can exploit the vulnerability...

K29146534: SSB Variant 4 vulnerability CVE-2018-3639

Security Advisory Description Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel...

K54252492: Side-channel processor vulnerability CVE-2018-3693

Security Advisory Description Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a speculative buffer overflow and side-channel analysis. CVE-2018-3693 also known as Spectre ...

K97035296: Microarchitectural Load Port Data Sampling - Information Leak (MLPDS) CVE-2018-12127

Security Advisory Description Microarchitectural Load Port Data Sampling MLPDS: Load ports on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. CVE-2018-12127 Impact MDS...

K52370164: Microarchitectural Store Buffer Data Sampling (MSBDS) CVE-2018-12126

Security Advisory Description Microarchitectural Store Buffer Data Sampling MSBDS: Store buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access.CVE-2018-12126 Impact MDS...

K68755210: BIG-IP SYN Cookie Protection vulnerability CVE-2022-23011

Security Advisory Description On certain hardware BIG-IP platforms, virtual servers may stop responding while processing TCP traffic due to an issue in the SYN Cookie Protection feature. CVE-2022-23011 Impact On certain hardware BIG-IP platforms, traffic is disrupted for new client connections...

K14454359: Intel BIOS vulnerability CVE-2021-0153

Security Advisory Description Out-of-bounds write in the BIOS firmware for some IntelR Processors may allow a privileged user to potentially enable escalation of privilege via local access. CVE-2021-0153 Impact A local attacker logged in as a privileged user can exploit this vulnerability to gain...

K26455071: BIG-IP HSB vulnerability CVE-2019-6604

Security Advisory Description Under certain conditions, hardware systems with a High-Speed Bridge HSB using non-default Layer 2 forwarding configurations may experience a lockup of the HSB. CVE-2019-6604 This vulnerability occurs when all of the following conditions are met: A VLAN group is...