F5 Networks BIG-IP : BIG-IP scripted monitor vulnerability (K000161040)

The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.3.2 / 17.5.1.6 / 21.0.0.2. It is, therefore, affected by a vulnerability as referenced in the K000161040 advisory. A vulnerability exists in BIG-IP scripted monitors that may allow an authenticated attacker with the...

F5 Networks BIG-IP : BIG-IP SSL vulnerability (K000158082)

The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.3.1 / 17.5.1.4 / 21.0.0.1. It is, therefore, affected by a vulnerability as referenced in the K000158082 advisory. When an SSL profile is configured on a virtual server on BIG-IP Virtual Edition VE without Intel...

F5 Networks BIG-IP : iControl REST and tmsh vulnerability (K000156581)

The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.3.1 / 17.5.1.4 / 21.0.0.2. It is, therefore, affected by a vulnerability as referenced in the K000156581 advisory. Incorrect permission assignment vulnerabilities exist in iControl REST and TMOS Shell tmsh undisclosed...

F5 Networks BIG-IP : BIG-IP and BIG-IQ privilege escalation vulnerability (K000160971)

The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.3.2 / 17.5.1.6 / 21.0.0.2. It is, therefore, affected by a vulnerability as referenced in the K000160971 advisory. A vulnerability exists in BIG-IP and BIG-IQ systems where a highly privileged, authenticated attacker...

F5 Networks BIG-IP : BIG-IP HTTP/2 Layer 7 DoS Protection vulnerability (K000158979)

The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.3.1 / 17.5.1.4. It is, therefore, affected by a vulnerability as referenced in the K000158979 advisory. On an HTTP/2 virtual server with Layer 7 DoS Protection configured, undisclosed traffic can result in an increase...

F5 Networks BIG-IP : BIG-IP HTTP/2 vulnerability (K000159034)

The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.3.1 / 17.5.1.4 / 21.0.0.1. It is, therefore, affected by a vulnerability as referenced in the K000159034 advisory. When an HTTP/2 profile and an iRule containing theHTTP::redirectorHTTP::respondcommand are configured ...

Malicious code in claude-internal-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 24a94a290c15f2b6cdaf351590455cd597bb2881f7bbcf1609fbfbd8031e491f Package name impersonates an internal Anthropic 'claude-' namespace and the description field self-identifies as 'Alex Birsan Style'...

Apache Neethi: Apache Neethi: Information disclosure and network access bypass via PolicyReference API

A flaw was found in Apache Neethi. When an application explicitly calls the PolicyReference API to retrieve a policy from a remote Uniform Resource Identifier URI, Apache Neethi does not impose restrictions on the URI. This allows a remote attacker to cause the application to make outbound reques...

kernel: usbip: validate number_of_packets in usbip_pack_ret_submit()

A flaw was found in the Linux kernel's USB/IP subsystem. A malicious USB/IP server could exploit a vulnerability in the usbippackretsubmit function by sending a specially crafted RETSUBMIT response. This response, containing an oversized numberofpackets value, could cause a heap out-of-bounds...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: ipv6: Ensure a sane device mtu in tunnels. Another syzbot report 1 indicates a bug in the ip6gre tunnel dev:ip6gretap0. Since the ipv6 mcast code ensures that dev-mtu is read once and a sanity check is performed on it see comm...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: inet: frags: dropping fraglist and conntrack references Jakub added a warning in nfconntrackcleanupnetlist to make debugging leaked skbs/conntrack references more obvious. syzbot reports this as triggering, and I can also reprodu...

Astra Linux - уязвимость в mod-wsgi

A vulnerability was discovered in modwsgi. The X-Client-IP header is not removed from a request sent from a trusted proxy, allowing an attacker to pass the X-Client-IP header to the target WSGI application. The condition necessary to remove the X-Client-IP header is missing...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: net/mlx5: Fixed a crash that occurs when switching to switchdev mode. When switching to switchdev mode if the device does not support IPsec, we attempt to clean up the IPsec resources anyway, which causes the crash. This issue...

Astra Linux - уязвимость в open-iscsi

A issue was discovered in Contiki version 3.0. A out-of-bounds read vulnerability exists in the uIP TCP/IP stack component when calculating checksums for IP packets in the upperlayerchksum function in net/ipv4/uip.c...

Astra Linux - уязвимость в ntp

In NTP versions prior to 4.2.8p14 and 4.3.x before 4.3.100, ntpd allows an off-path attacker to block unauthenticated synchronization via a server mode packet with a spoofed source IP address. This occurs because transmissions are rescheduled even when a packet lacks a valid origin timestamp...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amd: Fixed a NULL pointer dereferencing issue during device cleanup. When GPU initialization fails due to an unsupported HW block, IP blocks may have a NULL version pointer. During cleanup in amdgpudevicefinihw, the code call...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ipvti: A potential issue related to slab-use-after-free has been fixed in decodesession6. When the ipvti device is set as a qdisc of the sfb type, the cb field of the sent skb may be modified during enqueueing. This can lead to a...

Astra Linux - уязвимость в curl

libcurl accidentally skips the certificate verification for QUIC connections when connecting to a host specified as an IP address in the URL. As a result, it does not detect impostor attacks or man-in-the-middle attacks...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ip6gre: made ip6greheader more robust. Over the years, syzbot has identified many ways in which the kernel can crash due to issues related to ip6greheader. This involves the ability of team or bonding drivers to dynamically chang...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: USB: usbip: Fix a reference count leak in stubprobe The usbgetdev function is called in stubdevicealloc. When stubprobe fails later on, usbputdev must be called to release the reference. This issue is fixed by moving usbputdev in...