51 matches found

F5 Networks
added 2023/02/21 7:29 p.m. | 34 views

K15723: OpenSSL vulnerability CVE-2014-3567

Security Advisory Description: Memory leak in the tls_decrypt_ticket function in t1_lib.c in OpenSSL before 0.9.8zc, 1.0.0 before 1.0.0o, and 1.0.1 before 1.0.1j allows remote attackers to cause a denial of service (memory consumption) via a crafted session ticket that triggers an...

CVSS: 7.1 | AI score: 7.4 | EPSS: 0.23598
Exploits: 0 | Affected Software: 20

F5 Networks
added 2023/02/21 7:28 p.m. | 32 views

K15160: GnuTLS vulnerability CVE-2014-0092

Security Advisory Description: lib/x509/verify.c in GnuTLS before 3.1.22 and 3.2.x before 3.2.12 does not properly handle unspecified errors when verifying X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers via a crafted certificate. CVE-2014-0092 Impact...

CVSS: 5.8 | AI score: 6.6 | EPSS: 0.29958
Exploits: 1 | Affected Software: 1

F5 Networks
added 2023/02/21 6:55 p.m. | 35 views

K27617652: BIG-IP APM OAuth failure response message vulnerability CVE-2018-15335

Security Advisory Description: When APM is deployed as an OAuth Resource Server, APM becomes a client application to an external OAuth authorization server. In certain cases when communication between the BIG-IP APM and the OAuth authorization server is lost, APM may not display the intended messa...

CVSS: 5.9 | AI score: 6 | EPSS: 0.01427
Exploits: 0

F5 Networks
added 2023/02/21 6:50 p.m. | 44 views

K15571: OpenSSL vulnerability CVE-2014-3508

Security Advisory Description: The OBJ_obj2txt function in crypto/objects/obj_dat.c in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i, when pretty printing is used, does not ensure the presence of '\0' characters, which allows context-dependent attackers to...

CVSS: 4.3 | AI score: 6.3 | EPSS: 0.23292
Exploits: 0 | Affected Software: 2

F5 Networks
added 2023/02/21 6:35 p.m. | 58 views

K11068141: Python vulnerability CVE-2014-9365

Security Advisory Description: The HTTP clients in the (1) httplib, (2) urllib, (3) urllib2, and (4) xmlrpclib libraries in CPython (aka Python) 2.x before 2.7.9 and 3.x before 3.4.3, when accessing an HTTPS URL, do not (a) check the certificate against a trust store or verify that the server hostname matches...

CVSS: 5.8 | AI score: 7.4 | EPSS: 0.03269
Exploits: 1 | Affected Software: 18

F5 Networks
added 2023/02/21 6:26 p.m. | 35 views

K15852: Linux kernel vulnerability CVE-2014-3122

Security Advisory Description: The try_to_unmap_cluster function in mm/rmap.c in the Linux kernel before 3.14.3 does not properly consider which pages must be locked, which allows local users to cause a denial of service (system crash) by triggering a memory-usage pattern that requires...

CVSS: 4.9 | AI score: 5.3 | EPSS: 0.00545
Exploits: 0 | Affected Software: 17

F5 Networks
added 2023/02/21 6:10 p.m. | 34 views

K16318: OpenSSL vulnerability CVE-2015-0287

Security Advisory Description: The ASN1_item_ex_d2i function in crypto/asn1/tasn_dec.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a does not reinitialize CHOICE and ADB data structures, which might allow attackers to cause a denial of service (invalid wri...

CVSS: 5 | AI score: 6.8 | EPSS: 0.0837
Exploits: 0 | Affected Software: 1

F5 Networks
added 2023/01/04 11:2 p.m. | 64 views

K95313044: Multiple Java vulnerabilities

Security Advisory Description: CVE-2013-3829 Unspecified vulnerability in the Java SE, Java SE Embedded component in Oracle Java SE Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentialit...

CVSS: 10 | AI score: 7.3 | EPSS: 0.17606
Exploits: 0 | Affected Software: 1

F5 Networks
added 2023/01/04 7:47 p.m. | 40 views

K55347921: Linux kernel vulnerability CVE-2017-7477

Security Advisory Description: Heap-based buffer overflow in drivers/net/macsec.c in the MACsec module in the Linux kernel through 4.10.12 allows attackers to cause a denial of service or possibly have unspecified other impact by leveraging the use of a MAX_SKB_FRAGS+1 size in conjunction with the...

CVSS: 7 | AI score: 7 | EPSS: 0.00387
Exploits: 0

F5 Networks
added 2023/01/04 6:25 p.m. | 54 views

K53244431: SSL Intercept iApp HTTP Explicit Proxy vulnerability CVE-2017-0305

SSL Intercept iApp version 1.5.0 - 1.5.7 is vulnerable to an unauthenticated, remote attack that may allow modification of the BIG-IP system configuration, extraction of sensitive system files, and possible remote command execution on the system when deployed using the Explicit Proxy feature plus...

CVSS: 9.8 | AI score: 9.5 | EPSS: 0.03776
Exploits: 0 | Affected Software: 1

F5 Networks
added 2023/01/04 12:50 a.m. | 36 views

K19784568: TMM vulnerability CVE-2016-5023

Security Advisory Description: Virtual servers in F5 BIG-IP systems 11.2.1 HF11 through HF15, 11.4.1 HF4 through HF10, 11.5.3 through 11.5.4, 11.6.0 HF5 through HF7, and 12.0.0, when configured with a TCP profile, allow remote attackers to cause a denial of service (Traffic Management Microkernel...

CVSS: 7.5 | AI score: 7.5 | EPSS: 0.03046
Exploits: 0 | Affected Software: 14

F5 Networks
added 2023/01/04 12:39 a.m. | 30 views

K92859602: BIG-IP TMM iRules vulnerability CVE-2016-5024

Security Advisory Description: Virtual servers in F5 BIG-IP systems 11.6.1 before 11.6.1 HF1 and 12.1.x before 12.1.2, when configured to parse RADIUS messages via an iRule, allow remote attackers to cause a denial of service (Traffic Management Microkernel restart) via crafted network traffic...

CVSS: 5.9 | AI score: 5.9 | EPSS: 0.01837
Exploits: 0 | Affected Software: 10

F5 Networks
added 2023/01/04 12:34 a.m. | 30 views

K82851041: TMM vulnerability CVE-2017-6137

Security Advisory Description: In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, GTM, Link Controller, PEM, PSM, WebAccelerator, and WebSafe 11.6.1 HF1, 12.0.0 HF3, 12.0.0 HF4, and 12.1.0 through 12.1.2, undisclosed traffic patterns received while software SYN cookie protection i...

CVSS: 5.9 | AI score: 5.7 | EPSS: 0.0109
Exploits: 0 | Affected Software: 11

F5 Networks
added 2023/01/03 10:19 p.m. | 80 views

K91229003: Side-channel processor vulnerabilities CVE-2017-5715, CVE-2017-5753, and CVE-2017-5754

Security Advisory Description: The following three side-channel attacks were publicly disclosed on January 3, 2018: CVE-2017-5715 (Spectre-BTB, previously known as Spectre Variant 2; branch target injection): Systems with microprocessors utilizing speculative execution and indirect branch prediction ma...

CVSS: 5.6 | AI score: 7.4 | EPSS: 0.93838
Exploits: 12

F5 Networks
added 2023/01/03 10:8 p.m. | 54 views

K14652952: yurex USB driver vulnerability CVE-2018-16276

Security Advisory Description: An issue was discovered in yurex_read in drivers/usb/misc/yurex.c in the Linux kernel before 4.17.7. Local attackers could use user access read/writes with incorrect bounds checking in the yurex USB driver to crash the kernel or potentially escalate privileges...

CVSS: 7.8 | AI score: 6.3 | EPSS: 0.0044
Exploits: 0

F5 Networks
added 2023/01/03 9:53 p.m. | 94 views

K58523202: PHP vulnerabilities CVE-2018-19395 and CVE-2018-19396

Security Advisory Description: CVE-2018-19395 ext/standard/var.c in PHP 5.x through 7.1.24 on Windows allows attackers to cause a denial of service (NULL pointer dereference and application crash) because com and com_safearray_proxy return NULL in com_properties_get in ext/com_dotnet/com_handlers.c, as...

CVSS: 7.5 | AI score: 7.4 | EPSS: 0.04584
Exploits: 2

F5 Networks
added 2022/12/31 3:6 a.m. | 37 views

K68151373: IP Intelligence Feed List TMUI vulnerability CVE-2019-6636

Security Advisory Description: On BIG-IP AFM, ASM 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, 12.1.0-12.1.4, and 11.5.1-11.6.4, a stored cross-site scripting vulnerability in AFM feed list. In the worst case, an attacker can store a CSRF which results in code execution as the admin user. Th...

CVSS: 8.5 | AI score: 8.5 | EPSS: 0.00932
Exploits: 0 | Affected Software: 2

F5 Networks
added 2022/12/31 2:52 a.m. | 42 views

K48351130: Linux kernel vulnerability CVE-2019-16714

Security Advisory Description: In the Linux kernel before 5.2.14, rds6_inc_info_copy in net/rds/recv.c allows attackers to obtain sensitive information from kernel stack memory because tos and flags fields are not initialized. CVE-2019-16714 Impact This vulnerability may allow attackers to obtain...

CVSS: 7.5 | AI score: 7.5 | EPSS: 0.02701
Exploits: 0 | Affected Software: 1

F5 Networks
added 2022/12/31 2:42 a.m. | 36 views

K98008862: OpenLDAP vulnerability CVE-2019-13565

Security Advisory Description: An issue was discovered in OpenLDAP 2.x before 2.4.48. When using SASL authentication and session encryption, and relying on the SASL security layers in slapd access controls, it is possible to obtain access that would otherwise be denied via a simple bind for any...

CVSS: 7.5 | AI score: 6.8 | EPSS: 0.05015
Exploits: 0 | Affected Software: 1

F5 Networks
added 2022/12/31 2:27 a.m. | 48 views

K76052144: BIG-IP, BIG-IQ, Enterprise Manager, and F5 iWorkflow Configuration utility vulnerability CVE-2019-6663

Security Advisory Description: The BIG-IP / BIG-IQ / Enterprise Manager / F5 iWorkflow Configuration utility is vulnerable to Anti DNS Pinning (DNS Rebinding) attack. CVE-2019-6663 Impact BIG-IP / BIG-IQ / Enterprise Manager / F5 iWorkflow An Anti DNS Pinning (DNS Rebinding) attack allows an attacker ...

CVSS: 5.5 | AI score: 5.6 | EPSS: 0.00649
Exploits: 0