Lucene search
K

214 matches found

Vulnrichment
Vulnrichment
added 2024/02/14 4:30 p.m.20 views

CVE-2024-21789 BIG-IP ASM and Advanced WAF vulnerability

When a BIG-IP ASM/Advanced WAF security policy is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

7.5CVSS6.9AI score0.00515EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/02/14 4:30 p.m.29 views

CVE-2024-21789 BIG-IP ASM and Advanced WAF vulnerability

When a BIG-IP ASM/Advanced WAF security policy is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

7.5CVSS7.7AI score0.00515EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
added 2024/01/22 12:0 a.m.3 views

VulnCheck KEV: CVE-2020-4463

IBM Maximo Asset Management 7.6.0.1 and 7.6.0.2 is vulnerable to an XML External Entity Injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 181484...

8.2CVSS7.3AI score0.3159EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2023/12/12 12:0 a.m.31 views

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2023-3302)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8.6AI score0.03024EPSS
Exploits1References2
Amazon
Amazon
added 2023/11/03 12:0 a.m.60 views

Important: httpd24

Issue Overview: Out-of-bounds Read vulnerability in modmacro of Apache HTTP Server.This issue affects Apache HTTP Server: through 2.4.57. CVE-2023-31122 A flaw was found in httpd. This flaw allows an attacker opening an HTTP/2 connection with an initial window size of 0 to block handling of that...

7.5CVSS6.8AI score0.70595EPSS
Exploits1
OSV
OSV
added 2023/10/27 9:49 p.m.30 views

MGASA-2023-0304 Updated apache packages fix security vulnerabilities

Apache has been updated to version 2.4.58 to fix several security issues. CVE-2023-45802: Apache HTTP Server: HTTP/2 stream memory not reclaimed right away on RST cve.mitre.org When a HTTP/2 stream was reset RST frame by a client, there was a time window were the request's memory resources were n...

7.5CVSS7.8AI score0.70595EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2023/10/14 12:0 a.m.3 views

PT-2023-7009 · Ibm · Ibm Security Directory Server

Name of the Vulnerable Software and Affected Versions: IBM Security Directory Server version 6.4.0 Description: The issue is related to an XML External Entity Injection XXE attack when processing XML data. A remote attacker could exploit this to expose sensitive information or consume memory...

9.4CVSS9AI score0.00714EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2023/10/13 12:0 a.m.24 views

F5 Networks BIG-IP TCP profile vulnerability (K000134652)

The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.0 / 16.1.4 / 15.1.9. It is, therefore, affected by a vulnerability as referenced in the K000134652 advisory. When TCP Verified Accept is enabled on a TCP profile that is configured on a virtual server, undisclosed...

7.5CVSS7.4AI score0.00538EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/10/10 12:33 p.m.12 views

CVE-2023-40542 BIG-IP TCP Profile vulnerability

When TCP Verified Accept is enabled on a TCP profile that is configured on a Virtual Server, undisclosed requests can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

7.5CVSS7.5AI score0.00538EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/10/10 12:33 p.m.19 views

CVE-2023-40542 BIG-IP TCP Profile vulnerability

When TCP Verified Accept is enabled on a TCP profile that is configured on a Virtual Server, undisclosed requests can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

7.5CVSS7.7AI score0.00538EPSS
Exploits0References1
F5 Networks
F5 Networks
added 2023/10/10 10:23 a.m.22 views

K000134652: BIG-IP TCP profile vulnerability CVE-2023-40542

Security Advisory Description When TCP Verified Accept is enabled on a TCP profile that is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization. CVE-2023-40542 Impact System performance can degrade until the Traffic Management Microkernel TMM...

7.5CVSS7.5AI score0.00538EPSS
Exploits0Affected Software12
Tenable Nessus
Tenable Nessus
added 2023/06/23 12:0 a.m.32 views

F5 Networks BIG-IP : BIG-IP HTTP/2 profile vulnerability (K56676554)

The version of F5 Networks BIG-IP installed on the remote host is prior to 16.1.3.3 / 17.0.0.2 / 17.1.0. It is, therefore, affected by a vulnerability as referenced in the K56676554 advisory. - On BIG-IP versions 17.0.x before 17.0.0.2 and 16.1.x before 16.1.3.3, and BIG-IP SPK starting in versio...

7.5CVSS7.4AI score0.00626EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/05/25 12:0 a.m.32 views

F5 Networks BIG-IP : BIG-IP Packet Filters vulnerability (K31856317)

The version of F5 Networks BIG-IP installed on the remote host is prior to 14.1.4.6 / 15.1.5.1 / 16.1.2.2 / 17.0.0. It is, therefore, affected by a vulnerability as referenced in the K31856317 advisory. - On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, and 14.1....

5.3CVSS5.8AI score0.0083EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2023/05/23 9:17 a.m.51 views

Moderate: Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.12.3 Security and Bug fix update

Updated images that fix several bugs are now available for Red Hat OpenShift Data Foundation 4.12.3 on Red Hat Enterprise Linux 8 from Red Hat Container Registry. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS bas...

8.1CVSS6.8AI score0.14663EPSS
Exploits2References24
NVD
NVD
added 2023/04/26 8:15 p.m.22 views

CVE-2023-28008

HCL Workload Automation 9.4, 9.5, and 10.1 are vulnerable to an XML External Entity Injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources...

8.1CVSS7.4AI score0.00821EPSS
Exploits0References1
F5 Networks
F5 Networks
added 2023/02/21 6:59 p.m.39 views

K34360320: BIG-IP FastL4 vulnerability CVE-2022-23010

Security Advisory Description When a FastL4 profile and an HTTP profile are configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization. CVE-2022-23010 Impact System performance can degrade until the process is either forced to restart or is manually...

7.5CVSS7.5AI score0.00952EPSS
Exploits0Affected Software13
F5 Networks
F5 Networks
added 2023/02/21 6:55 p.m.51 views

K23454411: DNS profile vulnerability CVE-2022-26372

Security Advisory Description When a DNS listener is configured on a virtual server with DNS queueing default, undisclosed requests can cause an increase in memory resource utilization. CVE-2022-26372 Impact System performance can degrade until the Traffic Management Microkernel TMM process is...

7.5CVSS7.4AI score0.00843EPSS
Exploits0Affected Software13
F5 Networks
F5 Networks
added 2023/02/21 6:54 p.m.89 views

K28405643: BIG-IP Message Routing MQTT vulnerability CVE-2022-35240

Security Advisory Description When the Message Routing MR Message Queuing Telemetry Transport MQTT profile is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization. CVE-2022-35240 Impact System performance can degrade until the TMM process is...

7.5CVSS7.3AI score0.00681EPSS
Exploits0Affected Software13
F5 Networks
F5 Networks
added 2023/02/21 6:47 p.m.45 views

K31856317: BIG-IP Packet Filters vulnerability CVE-2022-27182

Security Advisory Description When BIG-IP packet filters are enabled and a virtual server is configured with the type set to Reject, undisclosed requests can cause an increase in memory resource utilization. CVE-2022-27182 Impact System performance can degrade until the process is either forced t...

5.3CVSS5.4AI score0.0083EPSS
Exploits0Affected Software13
F5 Networks
F5 Networks
added 2023/02/21 6:46 p.m.31 views

K00721320: BIG-IP AFM NAT64 policy vulnerability CVE-2022-41806

Security Advisory Description When a BIG-IP AFM Network Address Translation policy with IPv6/IPv4 translation rules is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization. CVE-2022-41806 Impact System performance can degrade until the TMM...

7.5CVSS7.5AI score0.00616EPSS
Exploits0Affected Software1
Rows per page
Query Builder