Lucene search
K

170 matches found

Tenable Nessus
Tenable Nessus
added 2025/02/05 12:0 a.m.6 views

F5 Networks BIG-IP : BIG-IP SNMP vulnerability (K000140933)

The version of F5 Networks BIG-IP installed on the remote host is prior to 16.1.6 / 17.1.2 / Hotfix- BIGIP-15.1.10.6.0.11.6-ENG.iso / Hotfix-BIGIP-16.1.5.2.0.7.5-ENG.iso. It is, therefore, affected by a vulnerability as referenced in the K000140933 advisory. When SNMP v1 or v2c are disabled on th...

8.7CVSS6AI score0.00436EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/02/05 12:0 a.m.5 views

F5 Networks BIG-IP : BIG-IP message routing vulnerability (K000140947)

The version of F5 Networks BIG-IP installed on the remote host is prior to 16.1.6 / 17.1.2 / Hotfix- BIGIP-15.1.10.6.0.11.6-ENG.iso / Hotfix-BIGIP-16.1.5.2.0.7.5-ENG.iso. It is, therefore, affected by a vulnerability as referenced in the K000140947 advisory. When a BIG-IP message routing profile ...

8.9CVSS6AI score0.00393EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/02/05 12:0 a.m.6 views

F5 Networks BIG-IP : BIG-IP PEM vulnerability (K000139778)

The version of F5 Networks BIG-IP installed on the remote host is prior to 16.1.5 / 17.1.2 / Hotfix- BIGIP-15.1.10.6.0.11.6-ENG.iso. It is, therefore, affected by a vulnerability as referenced in the K000139778 advisory. When a BIG-IP PEMControl Plane Listenervirtual server is configured with...

8.7CVSS6AI score0.00396EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/12/11 12:0 a.m.9 views

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 : Tornado vulnerabilities (USN-7150-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7150-1 advisory. It was discovered that Tornado incorrectly handled a certain redirect. A remote attacker could possibly use...

7.5CVSS6.8AI score0.01132EPSS
Exploits0References3
Ubuntu
Ubuntu
added 2024/11/19 5:19 p.m.15 views

USN-7115-1: Waitress vulnerabilities

It was discovered that Waitress could process follow up requests when receiving a specially crafted message. An attacker could use this issue to have the server process inconsistent client requests. This issue only affected Ubuntu 24.04 LTS and Ubuntu 24.10. CVE-2024-49768 Dylan Jay discovered th...

9.1CVSS6.7AI score0.01386EPSS
Exploits0
Wallarm Lab
Wallarm Lab
added 2024/11/18 9:38 a.m.5 views

Taming API Sprawl: Best Practices for API Discovery and Management

APIs are the backbone of interconnected applications, enabling organizations to innovate, integrate, and scale rapidly. However, as enterprises continue to expand their digital ecosystems, they often encounter a common and complex challenge: API sprawl. Unchecked, API sprawl can lead to increased...

7.1AI score
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2024/10/28 7:37 p.m.38 views

Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Nginx

Summary IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of Nginx Vulnerability Details CVEID:CVE-2024-7646 DESCRIPTION: Kubernetes ingress-nginx could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by an annotation validatio...

8.8CVSS7.9AI score0.27018EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/08/15 12:0 a.m.29 views

F5 Networks BIG-IP : BIG-IP TMM vulnerability (K000138833)

The version of F5 Networks BIG-IP installed on the remote host is prior to 16.1.5. It is, therefore, affected by a vulnerability as referenced in the K000138833 advisory. In BIG-IP tenants running on r2000 and r4000 series hardware, or BIG-IP Virtual Edition VEs using Intel E810 SR-IOV NIC,...

8.7CVSS5.6AI score0.00481EPSS
Exploits0References2
F5 Networks
F5 Networks
added 2024/05/16 2:27 a.m.47 views

K000139630: Expat vulnerability CVE-2023-52425

Security Advisory Description libexpat through 2.5.0 allows a denial of service resource consumption because many full reparsings are required in the case of a large token for which multiple buffer fills are needed. CVE-2023-52425 Impact There is no impact; F5 products are not affected by this...

7.5CVSS7.2AI score0.01815EPSS
Exploits1
Github Security Blog
Github Security Blog
added 2024/05/02 8:20 a.m.30 views

Apollo Router vulnerable to Critical Regression In Query Plan Cache

Impact Any instance of Apollo Router 1.44.0 or 1.45.0 that is using Distributed Query Plan Caching is impacted. These versions were released on 2024-04-12 and 2024-04-22 respectively. The affected versions of Apollo Router contain a bug that could lead to unexpected operations being executed, whi...

9CVSS6.5AI score0.00727EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2024/05/02 8:20 a.m.15 views

GHSA-Q9P4-HW9M-FJ2V Apollo Router vulnerable to Critical Regression In Query Plan Cache

Impact Any instance of Apollo Router 1.44.0 or 1.45.0 that is using Distributed Query Plan Caching is impacted. These versions were released on 2024-04-12 and 2024-04-22 respectively. The affected versions of Apollo Router contain a bug that could lead to unexpected operations being executed, whi...

9CVSS9.3AI score0.00727EPSS
Exploits0References6
OSV
OSV
added 2024/03/06 11:20 a.m.43 views

BIT-GITLAB-2021-22177

Potential DoS was identified in gitlab-shell in GitLab CE/EE version 12.6.0 or above, which allows an attacker to spike the server resource utilization via gitlab-shell command...

4.3CVSS4.1AI score0.01206EPSS
Exploits0References4
CNVD
CNVD
added 2024/02/21 12:0 a.m.22 views

Siemens Tecnomatix Plant Simulation Null Pointer Dereference Vulnerability (CNVD-2024-09323)

Tecnomatix Plant Simulation models, simulates, explores and optimizes logistics systems and their processes. These models allow material flow, resource utilization and logistics analysis of all manufacturing plans from global production facilities to local plants and specific production lines pri...

5.5CVSS6.7AI score0.0017EPSS
Exploits0References1
CNVD
CNVD
added 2024/02/21 12:0 a.m.18 views

Siemens Tecnomatix Plant Simulation Out-of-Bounds Read Vulnerability (CNVD-2024-09321)

Tecnomatix Plant Simulation models, simulates, explores and optimizes logistics systems and their processes. These models allow material flow, resource utilization and logistics analysis of all manufacturing plans from global production facilities to local plants and specific production lines pri...

7.8CVSS7AI score0.00207EPSS
Exploits0References1
NVD
NVD
added 2024/02/14 5:15 p.m.26 views

CVE-2024-23979

When SSL Client Certificate LDAP or Certificate Revocation List Distribution Point CRLDP authentication profile is configured on a virtual server, undisclosed requests can cause an increase in CPU resource utilization. Note: Software versions which have reached End of Technical Support EoTS are n...

7.5CVSS7.7AI score0.00342EPSS
Exploits0References1
Prion
Prion
added 2024/02/14 5:15 p.m.24 views

Code injection

When a BIG-IP ASM/Advanced WAF security policy is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

5CVSS7.2AI score0.00515EPSS
Exploits0References1
Prion
Prion
added 2024/02/14 5:15 p.m.23 views

Authentication flaw

When SSL Client Certificate LDAP or Certificate Revocation List Distribution Point CRLDP authentication profile is configured on a virtual server, undisclosed requests can cause an increase in CPU resource utilization. Note: Software versions which have reached End of Technical Support EoTS are n...

5CVSS7.3AI score0.00342EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/02/14 12:0 a.m.18 views

F5 Networks BIG-IP : BIG-IP SSL Client Certificate LDAP and CRLDP Authentication profiles vulnerability (K000134516)

The version of F5 Networks BIG-IP installed on the remote host is prior to 15.1.9 / 16.1.4 / 17.1.1. It is, therefore, affected by a vulnerability as referenced in the K000134516 advisory. - When SSL Client Certificate LDAP or Certificate Revocation List Distribution Point CRLDP authentication...

7.5CVSS7.4AI score0.00342EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2023/11/08 3:3 p.m.20 views

s2n-quic potential denial of service via crafted stream frames

Impact An issue in s2n-quic could result in unnecessary resource utilization when peers open streams beyond advertised limits. Impacted versions: = v1.30.0. Patches The patch is included in v1.31.0 1. Workarounds There is no workaround. Applications using s2n-quic should upgrade to the most recen...

7AI score
Exploits0References4Affected Software1
OSV
OSV
added 2023/11/08 3:3 p.m.19 views

GHSA-475V-PQ2G-FP9G s2n-quic potential denial of service via crafted stream frames

Impact An issue in s2n-quic could result in unnecessary resource utilization when peers open streams beyond advertised limits. Impacted versions: = v1.30.0. Patches The patch is included in v1.31.0 1. Workarounds There is no workaround. Applications using s2n-quic should upgrade to the most recen...

6.9AI score
Exploits0References4
Rows per page
Query Builder