Lucene search
K

788 matches found

Exploit DB
Exploit DB
added 2018/01/11 12:0 a.m.27 views

macOS - 'process_policy' Stack Leak Through Uninitialized Field

/ The syscall processpolicyscope=PROCPOLICYSCOPEPROCESS, action=PROCPOLICYACTIONGET, policy=PROCPOLICYRESOURCEUSAGE, policysubtype=PROCPOLICYRUSAGECPU, attrp=, targetpid=0, targetthreadid= causes 4 bytes of uninitialized kernel stack memory to be written to userspace. The call graph looks as...

7.4AI score
Exploits0
RedhatCVE
RedhatCVE
added 2017/12/27 5:20 p.m.34 views

CVE-2017-17818

In Netwide Assembler NASM 2.14rc0, there is a heap-based buffer over-read that will cause a remote denial of service attack, related to a while loop in pastetokens in asm/preproc.c...

7.5CVSS3.5AI score0.02721EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2017/12/27 4:50 p.m.34 views

CVE-2017-17814

In Netwide Assembler NASM 2.14rc0, there is a use-after-free in dodirective in asm/preproc.c that will cause a remote denial of service attack...

5.5CVSS3.7AI score0.01188EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2017/12/27 3:55 p.m.29 views

CVE-2017-17812

In Netwide Assembler NASM 2.14rc0, there is a heap-based buffer over-read in the function detoken in asm/preproc.c that will cause a remote denial of service attack...

5.5CVSS4AI score0.01451EPSS
Exploits1References1
NVD
NVD
added 2017/12/21 5:29 p.m.26 views

CVE-2017-6136

In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and WebSafe software version 13.0.0 and 12.0.0 - 12.1.2, undisclosed traffic patterns sent to BIG-IP virtual servers, with the TCP Fast Open and Tail Loss Probe options enabled in the associated TCP profile, may cause...

5.9CVSS5.7AI score0.0141EPSS
Exploits0References2
Prion
Prion
added 2017/12/21 5:29 p.m.20 views

Code injection

In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and Websafe software version 13.0.0, 12.0.0 to 12.1.2, 11.6.0 to 11.6.1 and 11.5.0 - 11.5.4, an undisclosed sequence of packets sent to BIG-IP High Availability state mirror listeners primary and/or secondary IP may...

5CVSS7.6AI score0.02537EPSS
Exploits0References3Affected Software11
Prion
Prion
added 2017/12/21 5:29 p.m.19 views

Design/Logic Flaw

In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and WebSafe software version 13.0.0 and 12.0.0 - 12.1.2, undisclosed traffic patterns sent to BIG-IP virtual servers, with the TCP Fast Open and Tail Loss Probe options enabled in the associated TCP profile, may cause...

4.3CVSS5.7AI score0.0141EPSS
Exploits0References2Affected Software11
Cvelist
Cvelist
added 2017/12/21 5:0 p.m.25 views

CVE-2017-6138

In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and WebSafe software version 13.0.0 and 12.1.0 - 12.1.2, malicious requests made to virtual servers with an HTTP profile can cause the TMM to restart. The issue is exposed with BIG-IP APM profiles, regardless of...

7.4AI score0.01585EPSS
Exploits0References2
CVE
CVE
added 2017/12/21 5:0 p.m.61 views

CVE-2017-6132

CVE-2017-6132 affects F5 BIG-IP LTM and multiple modules (AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM, WebSafe) across versions 11.5.0–11.5.4, 11.6.0–11.6.1, 12.0.0–12.1.2, and 13.0.0. The issue stems from an undisclosed sequence of packets sent to HA mirror listeners that may c...

7.5CVSS7.6AI score0.02537EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2017/12/21 5:0 p.m.69 views

CVE-2017-6133

In F5 BIG-IP, the CVE-2017-6133 vulnerability affects BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM and WebSafe with versions 13.0.0 and 12.1.0–12.1.2. The issue arises from an undisclosed HTTP request handling flaw in the Traffic Management Microkernel (TMM), leading to de...

7.8CVSS7.4AI score0.0236EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2017/12/21 5:0 p.m.70 views

CVE-2017-6167

CVE-2017-6167 is a race-condition vulnerability in F5 BIG-IP iControl REST that can cause commands to execute with elevated privileges. Affected BIG-IP versions include 13.x (13.0.0), 12.x (12.1.0–12.1.2), 14.x (14.1.x), 15.x (15.0–15.1.1/2), and 16.x (16.0.0–16.0.1). Red Hat and F5 advisories co...

8.5CVSS7.5AI score0.01062EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2017/12/21 5:0 p.m.54 views

CVE-2017-6134

The vulnerability CVE-2017-6134 affects F5 BIG-IP BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and WebSafe across 11.x, 12.x, and 13.x branches. An undisclosed sequence of packets from an adjacent network can cause the Traffic Management Microkernel (TMM) to crash, po...

6.5CVSS6.4AI score0.00866EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2017/12/21 5:0 p.m.59 views

CVE-2017-6135

CVE-2017-6135 affects F5 BIG-IP software (LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM, WebSafe) version 13.0.0. The issue is a slow memory leak caused by undisclosed IPv4/IPv6 packets sent to the BIG-IP management port or self IP addresses, which can lead to out-of-memory (...

7.8CVSS7.5AI score0.01637EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2017/12/21 5:0 p.m.66 views

CVE-2017-6138

CVE-2017-6138 affects F5 BIG-IP software (LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM, WebSafe) versions 13.0.0 and 12.1.0–12.1.2. Malicious requests to virtual servers with an HTTP profile can cause TMM restart; APM profiles are affected regardless of settings, and non-def...

7.5CVSS7.3AI score0.01585EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2017/12/21 5:0 p.m.66 views

CVE-2017-6151

CVE-2017-6151 affects F5 BIG-IP software (LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, WebAccelerator, WebSafe) version 13.0.0 where virtual servers using the HTTP/2 profile may cause disruption of TMM. Root cause: undisclosed requests to HTTP/2-enabled virtua...

7.8CVSS7.4AI score0.01637EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2017/12/21 3:29 a.m.25 views

CVE-2017-17818

In Netwide Assembler NASM 2.14rc0, there is a heap-based buffer over-read that will cause a remote denial of service attack, related to a while loop in pastetokens in asm/preproc.c...

7.5CVSS7.4AI score0.02721EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2017/12/21 3:29 a.m.4 views

CVE-2017-17811

In Netwide Assembler NASM 2.14rc0, there is a heap-based buffer overflow that will cause a remote denial of service attack, related to a strcpy in pastetokens in asm/preproc.c, a similar issue to CVE-2017-11111...

7.8CVSS5.9AI score0.01696EPSS
Exploits1References4
NVD
NVD
added 2017/12/21 3:29 a.m.24 views

CVE-2017-17814

In Netwide Assembler NASM 2.14rc0, there is a use-after-free in dodirective in asm/preproc.c that will cause a remote denial of service attack...

5.5CVSS5.7AI score0.01188EPSS
Exploits1References2
OSV
OSV
added 2017/12/21 3:29 a.m.3 views

DEBIAN-CVE-2017-17811

In Netwide Assembler NASM 2.14rc0, there is a heap-based buffer overflow that will cause a remote denial of service attack, related to a strcpy in pastetokens in asm/preproc.c, a similar issue to CVE-2017-11111...

5.5CVSS9.3AI score0.01244EPSS
Exploits1References1
Prion
Prion
added 2017/12/21 3:29 a.m.23 views

Heap overflow

In Netwide Assembler NASM 2.14rc0, there is a heap-based buffer over-read that will cause a remote denial of service attack, related to a while loop in pastetokens in asm/preproc.c...

5CVSS7.3AI score0.02721EPSS
Exploits1References2Affected Software2
Rows per page
Query Builder