Lucene search
+L

324 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 5:54 a.m.8 views

SUSE CVE-2011-0433

Heap-based buffer overflow in the linetoken function in afmparse.c in t1lib, as used in teTeX 3.0.x, GNOME evince, and possibly other products, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a DVI file containing a crafted Adobe Font Metrics AFM...

6.8CVSS8.2AI score0.0421EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 5:49 a.m.6 views

SUSE CVE-2011-5244

Multiple off-by-one errors in the 1 token and 2 linetoken functions in backend/dvi/mdvi-lib/afmparse.c in t1lib, as used in teTeX 3.0.x, GNOME evince, and possibly other products, allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via a DVI file containi...

6.8CVSS7.7AI score0.03355EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:57 a.m.3 views

SUSE CVE-2016-7877

Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the Action Message Format serialization AFM0. Successful exploitation could lead to arbitrary code execution...

8.8CVSS7.7AI score0.05882EPSS
Exploits0References4
NVD
NVD
added 2023/02/01 6:15 p.m.19 views

CVE-2023-22281

On versions 17.0.x before 17.0.0.2, 16.1.x before 16.1.3.3, 15.1.x before 15.1.8, 14.1.x before 14.1.5.3, and all versions of 13.1.x, when a BIG-IP AFM NAT policy with a destination NAT rule is configured on a FastL4 virtual server, undisclosed traffic can cause the Traffic Management Microkernel...

7.5CVSS7.5AI score0.00626EPSS
Exploits0References1
Prion
Prion
added 2023/02/01 6:15 p.m.13 views

Code injection

On versions 17.0.x before 17.0.0.2, 16.1.x before 16.1.3.3, 15.1.x before 15.1.8, 14.1.x before 14.1.5.3, and all versions of 13.1.x, when a BIG-IP AFM NAT policy with a destination NAT rule is configured on a FastL4 virtual server, undisclosed traffic can cause the Traffic Management Microkernel...

5CVSS7.5AI score0.00626EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/02/01 5:52 p.m.9 views

CVE-2023-22281 BIG-IP AFM vulnerability

On versions 17.0.x before 17.0.0.2, 16.1.x before 16.1.3.3, 15.1.x before 15.1.8, 14.1.x before 14.1.5.3, and all versions of 13.1.x, when a BIG-IP AFM NAT policy with a destination NAT rule is configured on a FastL4 virtual server, undisclosed traffic can cause the Traffic Management Microkernel...

7.5CVSS7.1AI score0.00626EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/02/01 5:52 p.m.28 views

CVE-2023-22281 BIG-IP AFM vulnerability

On versions 17.0.x before 17.0.0.2, 16.1.x before 16.1.3.3, 15.1.x before 15.1.8, 14.1.x before 14.1.5.3, and all versions of 13.1.x, when a BIG-IP AFM NAT policy with a destination NAT rule is configured on a FastL4 virtual server, undisclosed traffic can cause the Traffic Management Microkernel...

7.5CVSS7.7AI score0.00626EPSS
Exploits0References1
CVE
CVE
added 2023/02/01 5:52 p.m.71 views

CVE-2023-22281

CVE-2023-22281 affects F5 BIG-IP AFM: when a NAT policy with a destination NAT rule is configured on a FastL4 virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate, leading to a DoS as TMM restarts. Affected product/version details (per K46048342): BI...

7.5CVSS7.6AI score0.00626EPSS
Exploits0References1Affected Software1
F5 Networks
F5 Networks
added 2023/02/01 1:56 p.m.63 views

K000130496: Overview of F5 vulnerabilities (February 2023)

Security Advisory Description On February 1, 2023, F5 announced the following security issues. This document is intended to serve as an overview of these vulnerabilities and security exposures to help determine the impact to your F5 devices. You can find the details of each issue in the associate...

8.5CVSS7.3AI score0.72646EPSS
Exploits0
F5 Networks
F5 Networks
added 2023/02/01 1:4 p.m.18 views

K46048342: BIG-IP AFM vulnerability CVE-2023-22281

Security Advisory Description When a BIG-IP AFM NAT policy with a destination NAT rule is configured on a FastL4 virtual server, undisclosed traffic can cause the Traffic Management Microkernel TMM to terminate. CVE-2023-22281 Impact Traffic is disrupted while the TMM process restarts. This...

7.5CVSS7.6AI score0.00626EPSS
Exploits0Affected Software1
CNVD
CNVD
added 2023/02/01 12:0 a.m.37 views

F5 BIG-IP AFM Denial of Service Vulnerability (CNVD-2023-05962)

F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. A denial of service vulnerability exists in F5 BIG-IP AFM, where undisclosed traffic could cause TMM to crash when an AFM NAT...

7.5CVSS3.3AI score0.00626EPSS
Exploits0References1
F5 Networks
F5 Networks
added 2023/01/04 4:53 p.m.214 views

K14317: OpenSSH J-PAKE vulnerability CVE-2010-4478

OpenSSH 5.6 and earlier, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol, which allows remote attackers to bypass the need for knowledge of the shared secret, and successfully authenticate. F5 products do not include J-PAKE in the OpenSSH programs a...

9.8CVSS6.6AI score0.04242EPSS
Exploits1
F5 Networks
F5 Networks
added 2023/01/04 12:50 a.m.37 views

K19784568: TMM vulnerability CVE-2016-5023

Security Advisory Description Virtual servers in F5 BIG-IP systems 11.2.1 HF11 through HF15, 11.4.1 HF4 through HF10, 11.5.3 through 11.5.4, 11.6.0 HF5 through HF7, and 12.0.0, when configured with a TCP profile, allow remote attackers to cause a denial of service Traffic Management Microkernel...

7.5CVSS7.5AI score0.03046EPSS
Exploits0Affected Software14
NVD
NVD
added 2022/10/19 10:15 p.m.20 views

CVE-2022-41806

In versions 16.1.x before 16.1.3.2 and 15.1.x before 15.1.5.1, when BIG-IP AFM Network Address Translation policy with IPv6/IPv4 translation rules is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization...

7.5CVSS0.00616EPSS
Exploits0References1
OSV
OSV
added 2022/10/19 10:15 p.m.5 views

CVE-2022-41813

In versions 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5, and all versions of 13.1.x, when BIG-IP is provisioned with PEM or AFM module, an undisclosed input can cause Traffic Management Microkernel TMM to terminate...

6.5CVSS5.8AI score0.00595EPSS
Exploits0References1
CVE
CVE
added 2022/10/19 9:23 p.m.78 views

CVE-2022-41813

The CVE-2022-41813 issue affects BIG-IP PEM and AFM modules when provisioned on 16.1.x(before 16.1.3.1), 15.1.x(before 15.1.6.1), 14.1.x(before 14.1.5), and all 13.1.x. The root cause is an undisclosed input that can terminate the Traffic Management Microkernel (TMM), causing DoS (control plane o...

6.5CVSS6.8AI score0.00595EPSS
Exploits0References1Affected Software2
Vulnrichment
Vulnrichment
added 2022/10/19 9:23 p.m.7 views

CVE-2022-41813 BIG-IP PEM and AFM TMUI, TMSH and iControl vulnerability CVE-2022-41813

In versions 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5, and all versions of 13.1.x, when BIG-IP is provisioned with PEM or AFM module, an undisclosed input can cause Traffic Management Microkernel TMM to terminate...

6.5CVSS6.5AI score0.00595EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/10/19 9:23 p.m.23 views

CVE-2022-41813 BIG-IP PEM and AFM TMUI, TMSH and iControl vulnerability CVE-2022-41813

In versions 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5, and all versions of 13.1.x, when BIG-IP is provisioned with PEM or AFM module, an undisclosed input can cause Traffic Management Microkernel TMM to terminate...

6.5CVSS6.6AI score0.00595EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/10/19 9:22 p.m.6 views

CVE-2022-41806 BIG-IP AFM NAT64 Policy Vulnerability CVE-2022-41806

In versions 16.1.x before 16.1.3.2 and 15.1.x before 15.1.5.1, when BIG-IP AFM Network Address Translation policy with IPv6/IPv4 translation rules is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization...

7.5CVSS7.5AI score0.00616EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/10/19 9:22 p.m.21 views

CVE-2022-41806 BIG-IP AFM NAT64 Policy Vulnerability CVE-2022-41806

In versions 16.1.x before 16.1.3.2 and 15.1.x before 15.1.5.1, when BIG-IP AFM Network Address Translation policy with IPv6/IPv4 translation rules is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization...

7.5CVSS7.7AI score0.00616EPSS
Exploits0References1
Rows per page
Query Builder