22 matches found
EUVD-2017-8304
Malware in sbrugna...
EUVD-2022-44981
Malicious code in bioql PyPI...
CVE-2022-41813
In versions 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5, and all versions of 13.1.x, when BIG-IP is provisioned with PEM or AFM module, an undisclosed input can cause Traffic Management Microkernel TMM to terminate...
F5 BIG-IP 输入验证错误漏洞
F5 BIG-IP is an application delivery platform that integrates network traffic management, application security management, and load balancing from F5 USA. F5 BIG-IP suffers from an input validation error vulnerability that stems from an undisclosed input that could cause the Traffic Management...
F5 Networks BIG-IP : BIG-IP PEM and AFM TMUI, TMSH, and iControl REST vulnerability (K93723284)
The version of F5 Networks BIG-IP installed on the remote host is prior to 14.1.5 / 15.1.6.1 / 16.1.3.1 / 17.0.0. It is, therefore, affected by a vulnerability as referenced in the K93723284 advisory. When the BIG-IP system is provisioned with the PEM or AFM module, an undisclosed input can cause...
Huawei Data Communication: Multiple Vulnerabilities of PEM Module in Some Huawei Products (huawei-sa-20171206-01-pem)
There is a null pointer reference vulnerability in PEM module of Huawei products due to insufficient verification. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
CVE-2017-6153
Features in F5 BIG-IP 13.0.0-13.1.0.3, 12.1.0-12.1.3.1, 11.6.1-11.6.3.1, 11.5.1-11.5.5, or 11.2.1 system that utilizes inflate functionality directly, via an iRule, or via the inflate code from PEM module are subjected to a service disruption via a "Zip Bomb" attack...
F5 BIG-IP Denial of Service Vulnerability (CNVD-2018-15636)
F5 BIG-IP is a collection of software and hardware that allows you to control the traffic that passes through your network. A denial-of-service vulnerability exists in F5 BIG-IP 11.x, 12.x, and 13.x. A remote attacker could exploit this vulnerability by sending specially crafted data to a target...
CVE-2017-17136
PEM module of Huawei DP300 V500R002C00; IPS Module V500R001C00; V500R001C30; NGFW Module V500R001C00; V500R002C00; NIP6300 V500R001C00; V500R001C30; NIP6600 V500R001C00; V500R001C30; RP200 V500R002C00; V600R006C00; S12700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00; S1700...
CVE-2017-17135
PEM module of Huawei DP300 V500R002C00; IPS Module V500R001C00; V500R001C30; NGFW Module V500R001C00; V500R002C00; NIP6300 V500R001C00; V500R001C30; NIP6600 V500R001C00; V500R001C30; RP200 V500R002C00; V600R006C00; S12700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00; S1700...
Null pointer dereference
PEM module of Huawei DP300 V500R002C00; IPS Module V500R001C00; V500R001C30; NGFW Module V500R001C00; V500R002C00; NIP6300 V500R001C00; V500R001C30; NIP6600 V500R001C00; V500R001C30; RP200 V500R002C00; V600R006C00; S12700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00; S1700...
Input validation
PEM module of DP300 V500R002C00; IPS Module V500R001C00; V500R001C30; NGFW Module V500R001C00; V500R002C00; NIP6300 V500R001C00; V500R001C30; NIP6600 V500R001C00; V500R001C30; RP200 V500R002C00; V600R006C00; S12700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00; S1700 V200R006C10...
CVE-2017-17137
PEM module of Huawei DP300 V500R002C00; IPS Module V500R001C00; V500R001C30; NGFW Module V500R001C00; V500R002C00; NIP6300 V500R001C00; V500R001C30; NIP6600 V500R001C00; V500R001C30; RP200 V500R002C00; V600R006C00; S12700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00; S1700...
CVE-2017-17138
PEM module of DP300 V500R002C00; IPS Module V500R001C00; V500R001C30; NGFW Module V500R001C00; V500R002C00; NIP6300 V500R001C00; V500R001C30; NIP6600 V500R001C00; V500R001C30; RP200 V500R002C00; V600R006C00; S12700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00; S1700 V200R006C10...
CVE-2017-17135
PEM module of Huawei DP300 V500R002C00; IPS Module V500R001C00; V500R001C30; NGFW Module V500R001C00; V500R002C00; NIP6300 V500R001C00; V500R001C30; NIP6600 V500R001C00; V500R001C30; RP200 V500R002C00; V600R006C00; S12700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00; S1700...
CVE-2017-17138
CVE-2017-17138 is a DoS in the Huawei PEM module caused by insufficient verification, where an authenticated local attacker can trigger a deadloop by presenting a malicious certificate. Affected Huawei products include DP300, IPS, NGFW, NIP6300/6600, RP200, S-series (S12700, S1700, S2700, S5700, ...
CVE-2017-17135
CVE-2017-17135 is a null pointer reference vulnerability in the PEM module of Huawei products, including DP300 family, IPS, NGFW, NIP, S-series, Secospace USG, ViewPoint, TE, TP, USG9500, and related models, due to insufficient verification. An authenticated local attacker can call the PEM decode...
PEM module heap overflow vulnerability in multiple Huawei products
Huawei DP300, IPS Module, and NGFW Module are all products of Huawei China. A heap overflow vulnerability exists in the PEM module of multiple Huawei products, which can be exploited by an authenticated local attacker to launch a denial-of-service attack by constructing a malicious certificate th...
PEM module null pointer access vulnerability in multiple Huawei products
Huawei DP300, IPS Module, and NGFW Module are all products of Huawei China. A null pointer access vulnerability exists in the PEM module of multiple Huawei products, which can be exploited by an authenticated local attacker to cause a denial-of-service attack by calling the PEM decoder with...
Memory Out-of-Bounds Access Vulnerability in PEM Module for Multiple Huawei Products
Huawei DP300, IPS Module, and NGFW Module are all products of Huawei China. The memory out-of-bounds access vulnerability in the PEM Module of several Huawei products can be exploited by an authenticated local attacker to launch a denial-of-service attack by constructing a malicious certificate...