Lucene search
K

409 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 7:17 p.m.9 views

CVE-2021-23051

On BIG-IP versions 15.1.0.4 through 15.1.3, when the Data Plane Development Kit DPDK/Elastic Network Adapter ENA driver is used with BIG-IP on Amazon Web Services AWS systems, undisclosed requests can cause the Traffic Management Microkernel TMM to terminate. This is due to an incomplete fix for...

7.5CVSS6.8AI score0.01069EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:17 p.m.9 views

CVE-2021-23009

On BIG-IP version 16.0.x before 16.0.1.1 and 15.1.x before 15.1.3, malformed HTTP/2 requests may cause an infinite loop which causes a Denial of Service for Data Plane traffic. TMM takes the configured HA action when the TMM process is aborted. There is no control plane exposure, this is a data...

7.5CVSS6.9AI score0.00988EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:43 p.m.7 views

CVE-2020-5871

On BIG-IP 14.1.0-14.1.2.3, undisclosed requests can lead to a denial of service DoS when sent to BIG-IP HTTP/2 virtual servers. The problem can occur when ciphers, which have been blacklisted by the HTTP/2 RFC, are used on backend servers. This is a data-plane issue. There is no control-plane...

7.5CVSS6.9AI score0.01044EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:16 a.m.7 views

CVE-2019-6629

On BIG-IP 14.1.0-14.1.0.5, undisclosed SSL traffic to a virtual server configured with a Client SSL profile may cause TMM to fail and restart. The Client SSL profile must have session tickets enabled and use DHE cipher suites to be affected. This only impacts the data plane, there is no impact to...

7.5CVSS6.8AI score0.01309EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2025/04/17 12:13 a.m.3 views

dpdk: Denial Of Service from malicious guest on hypervisors using DPDK Vhost library

An out-of-bounds read vulnerability was found in DPDK's Vhost library checksum offload feature. This issue enables an untrusted or compromised guest to crash the hypervisor's vSwitch by forging Virtio descriptors to cause out-of-bounds reads. This flaw allows an attacker with a malicious VM using...

7.4CVSS5.8AI score0.00551EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2025/04/17 12:13 a.m.5 views

dpdk: Denial Of Service from malicious guest on hypervisors using DPDK Vhost library

An out-of-bounds read vulnerability was found in DPDK's Vhost library checksum offload feature. This issue enables an untrusted or compromised guest to crash the hypervisor's vSwitch by forging Virtio descriptors to cause out-of-bounds reads. This flaw allows an attacker with a malicious VM using...

7.4CVSS5.8AI score0.00551EPSS
Exploits0References4
OSV
OSV
added 2025/03/06 9:18 a.m.19 views

BIT-NGINX-2025-1695 NGINX Unit Java Vulnerability

In NGINX Unit before version 1.34.2 with the Java Language Module in use, undisclosed requests can lead to an infinite loop and cause an increase in CPU resource utilization. This vulnerability allows a remote attacker to cause a degradation that can lead to a limited denial-of-service DoS. There...

6.9CVSS5.1AI score0.00552EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/03/06 1:20 a.m.19 views

CVE-2025-1695

In NGINX Unit before version 1.34.2 with the Java Language Module in use, undisclosed requests can lead to an infinite loop and cause an increase in CPU resource utilization. This vulnerability allows a remote attacker to cause a degradation that can lead to a limited denial-of-service DoS. There...

6.9CVSS7.1AI score0.00552EPSS
Exploits0References3
OSV
OSV
added 2025/03/04 1:15 a.m.2 views

CVE-2025-1695

In NGINX Unit before version 1.34.2 with the Java Language Module in use, undisclosed requests can lead to an infinite loop and cause an increase in CPU resource utilization. This vulnerability allows a remote attacker to cause a degradation that can lead to a limited denial-of-service DoS. There...

5.3CVSS5.8AI score0.00552EPSS
Exploits0References1
CVE
CVE
added 2025/03/04 12:54 a.m.168 views

CVE-2025-1695

NGINX Unit 1.34.2+ with the Java Language Module is affected by CVE-2025-1695. In versions prior to 1.34.2, undisclosed requests can trigger an infinite loop, increasing CPU utilization and causing a limited denial-of-service on the data plane. The issue is a data-plane degradation with no contro...

6.9CVSS6.9AI score0.00552EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/03/04 12:54 a.m.19 views

CVE-2025-1695 NGINX Unit Java Vulnerability

In NGINX Unit before version 1.34.2 with the Java Language Module in use, undisclosed requests can lead to an infinite loop and cause an increase in CPU resource utilization. This vulnerability allows a remote attacker to cause a degradation that can lead to a limited denial-of-service DoS. There...

6.9CVSS0.00552EPSS
Exploits0References1
OSV
OSV
added 2025/02/26 7:0 a.m.4 views

DEBIAN-CVE-2022-49215

In the Linux kernel, the following vulnerability has been resolved: xsk: Fix race at socket teardown Fix a race in the xsk socket teardown code that can lead to a NULL pointer dereference splat. The current xsk unbind code in xskunbinddev starts by setting xs-state to XSKUNBOUND, sets xs-dev to...

4.7CVSS5.4AI score0.00169EPSS
Exploits0References1
OSV
OSV
added 2025/02/26 7:0 a.m.4 views

UBUNTU-CVE-2022-49215

In the Linux kernel, the following vulnerability has been resolved: xsk: Fix race at socket teardown Fix a race in the xsk socket teardown code that can lead to a NULL pointer dereference splat. The current xsk unbind code in xskunbinddev starts by setting xs-state to XSKUNBOUND, sets xs-dev to...

4.7CVSS6.1AI score0.00169EPSS
Exploits0References7
OSV
OSV
added 2025/01/10 1:0 p.m.5 views

OESA-2025-1029 dpdk security update

The Data Plane Development Kit is a set of libraries and drivers for fast packet processing in the user space. Security Fixes: An out-of-bounds read vulnerability was found in DPDK's Vhost library checksum offload feature. This issue enables an untrusted or compromised guest to crash the...

7.4CVSS6.7AI score0.00551EPSS
Exploits0References2
OSV
OSV
added 2025/01/10 10:3 a.m.10 views

RHSA-2025:0220 Red Hat Security Advisory: dpdk security update

Bulletin has no description...

7.4CVSS7.3AI score0.00551EPSS
Exploits0References7
OSV
OSV
added 2025/01/10 10:3 a.m.13 views

RHSA-2025:0210 Red Hat Security Advisory: dpdk security update

Bulletin has no description...

7.4CVSS7.3AI score0.00551EPSS
Exploits0References7
OSV
OSV
added 2025/01/10 10:2 a.m.14 views

RHSA-2025:0209 Red Hat Security Advisory: dpdk security update

Bulletin has no description...

7.4CVSS7.3AI score0.00551EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2025/01/09 5:3 p.m.4 views

dpdk: Denial Of Service from malicious guest on hypervisors using DPDK Vhost library

An out-of-bounds read vulnerability was found in DPDK's Vhost library checksum offload feature. This issue enables an untrusted or compromised guest to crash the hypervisor's vSwitch by forging Virtio descriptors to cause out-of-bounds reads. This flaw allows an attacker with a malicious VM using...

7.4CVSS5.8AI score0.00551EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2025/01/09 3:33 p.m.20 views

Important: Red Hat Security Advisory: dpdk security update

An update for dpdk is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...

7.4CVSS7.1AI score0.00551EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/01/09 12:0 a.m.8 views

RHEL 9 : dpdk (RHSA-2025:0208)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:0208 advisory. The dpdk packages provide the Data Plane Development Kit, which is a set of libraries and drivers for fast packet processing in the user space...

7.4CVSS7.3AI score0.00551EPSS
Exploits0References4
Rows per page
Query Builder