CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CNVD•added 2017/10/23 12:0 a.m.•2 views

Multiple F5 products have design flaws

F5 BIG-IP LTM, etc. are products of F5 USA.LTM is a local traffic manager; APM is a set of solutions that provide secure and unified access to business-critical applications and networks. A security vulnerability exists in several F5 products. An attacker could exploit the vulnerability to cause...

5.9CVSS6.5AI score0.00647EPSS

CNVD•added 2017/10/04 12:0 a.m.•2 views

F5 BIG-IP systems Traffic Management Microkernel Denial of Service Vulnerability

F5 BIG-IP systems is an application delivery product that integrates network traffic management, application security management, and load balancing. A security vulnerability in the F5 BIG-IP systems Traffic Management Microkernel could be exploited by remote attackers to submit specially crafted...

7.5CVSS7.5AI score0.01195EPSS

OpenVAS•added 2017/05/17 12:0 a.m.•28 views

F5 BIG-IP - TMM vulnerability CVE-2016-9247

Under certain conditions for BIG-IP systems using a virtual server with an associated FastL4 profile and TCP analytics profile, a specific sequence of packets may cause the Traffic Management Microkernel TMM to restart. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be...

5.9CVSS5.8AI score0.00765EPSS

ATTACKERKB•added 2017/05/11 4:29 p.m.•1 views

CVE-2016-7476

The Traffic Management Microkernel TMM in F5 BIG-IP LTM, AAM, AFM, APM, ASM, GTM, Link Controller, PEM, PSM, and WebSafe 11.6.0 before 11.6.0 HF6, 11.5.0 before 11.5.3 HF2, and 11.3.0 before 11.4.1 HF10 may suffer from a memory leak while handling certain types of TCP traffic. Remote attackers ma...

7.5CVSS5.5AI score0.01196EPSS

Exploits0References5

OSV•added 2017/05/11 4:29 p.m.•0 views

CVE-2016-7476

7.5CVSS5.8AI score

Prion•added 2017/05/11 4:29 p.m.•17 views

Memory corruption

5CVSS7AI score0.01196EPSS

Exploits0References3Affected Software10

CNVD•added 2017/05/11 12:0 a.m.•1 views

F5 BIG-IP TCP Packet Denial of Service Vulnerability

The F5 BIG-IP is a load balancer that uses a variety of distribution algorithms to distribute network requests to available servers in a server cluster, enabling network visitors to have the best possible networking experience by managing incoming Web data traffic and increasing effective network...

5.9CVSS6.8AI score0.00702EPSS

OSV•added 2017/05/09 3:29 p.m.•3 views

CVE-2017-6137

In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, PSM, WebAccelerator, and WebSafe 11.6.1 HF1, 12.0.0 HF3, 12.0.0 HF4, and 12.1.0 through 12.1.2, undisclosed traffic patterns received while software SYN cookie protection is engaged may cause a disrupti...

5.9CVSS5.8AI score

NVD•added 2017/05/09 3:29 p.m.•12 views

CVE-2017-6137

5.9CVSS5.7AI score0.00702EPSS

Cvelist•added 2017/05/09 3:0 p.m.•17 views

CVE-2017-6137

5.7AI score0.00702EPSS

OSV•added 2017/03/27 6:59 p.m.•3 views

CVE-2016-9252

The Traffic Management Microkernel TMM in F5 BIG-IP before 11.5.4 HF3, 11.6.x before 11.6.1 HF2 and 12.x before 12.1.2 does not properly handle minimum path MTU options for IPv6, which allows remote attackers to cause a denial-of-service DoS through unspecified vectors...

7.5CVSS5.8AI score0.01195EPSS

Prion•added 2017/03/27 6:59 p.m.•16 views

Design/Logic Flaw

5CVSS7.2AI score0.01195EPSS

Exploits0References2Affected Software14

Cvelist•added 2017/03/27 6:0 p.m.•24 views

CVE-2016-9252

7.5AI score0.01195EPSS

The Hacker News•added 2017/02/21 12:47 a.m.•15 views

KasperskyOS — Secure Operating System released for IoT and Embedded Systems

Russian cyber security and antivirus vendor Kaspersky Lab has made available the much awaited KasperskyOS, a secure-by-design operating system based on Microkernel architecture which is specially designed for network devices, industrial control systems and the Internet of Things. The operating...

7.2AI score

Exploits0

OSV•added 2017/01/31 3:59 p.m.•2 views

CVE-2016-9249

An undisclosed traffic pattern received by a BIG-IP Virtual Server with TCP Fast Open enabled may cause the Traffic Management Microkernel TMM to restart, resulting in a Denial-of-Service DoS...

7.5CVSS5.8AI score0.00772EPSS

CVE•added 2017/01/31 3:0 p.m.•53 views

CVE-2016-9249

CVE-2016-9249 affects F5 BIG-IP TMM when TCP Fast Open is enabled. An undisclosed traffic pattern can cause TMM to restart on BIG-IP Virtual Servers, leading to a DoS. Vendor advisory K71282001 lists vulnerable BIG-IP versions (e.g., BIG-IP LTM 12.0.0–12.1.1, AAM 12.0.0–12.1.1, AFM 12.0.0–12.1.1,...

7.8CVSS7.4AI score0.00772EPSS

Exploits0References3Affected Software1

OSV•added 2017/01/10 4:59 p.m.•2 views

CVE-2016-9247

5.9CVSS5.8AI score0.00765EPSS

Cvelist•added 2017/01/03 9:0 p.m.•28 views

CVE-2016-5024

Virtual servers in F5 BIG-IP systems 11.6.1 before 11.6.1 HF1 and 12.1.x before 12.1.2, when configured to parse RADIUS messages via an iRule, allow remote attackers to cause a denial of service Traffic Management Microkernel restart via crafted network traffic...

5.7AI score0.01707EPSS

Tenable Nessus•added 2016/11/30 12:0 a.m.•130 views

F5 Networks BIG-IP : BIG-IP FastL4 profile vulnerability (K36300805)

Under certain conditions for BIG-IP systems using FastL4 profiles, when the Reassemble IP Fragments option is disabled default, a specific sequence of fragmented packets may restart the Traffic Management Microkernel TMM. C Tenable Network Security, Inc. The descriptive text and package checks in...

5.4AI score