Lucene search
+L

215 matches found

cve
cve
added 2022/05/05 4:26 p.m.91 views

CVE-2022-26372

CVE-2022-26372 affects F5 BIG-IP DNS profile: when a DNS listener on a virtual server uses DNS queueing (default), undisclosed requests can cause memory resource utilization to spike, leading to degraded performance or DoS. Affected branches and fixes per VULNERABILITY docs: BIG-IP 15.1.x before ...

7.5CVSS7.5AI score0.00843EPSS
Exploits0References1Affected Software11
cvelist
cvelist
added 2022/05/05 4:26 p.m.22 views

CVE-2022-26372

On F5 BIG-IP 15.1.x versions prior to 15.1.0.2, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all versions of 12.1.x and 11.6.x, when a DNS listener is configured on a virtual server with DNS queueing default, undisclosed requests can cause an increase in memory resource...

7.5CVSS7.6AI score0.00843EPSS
Exploits0References1
nessus
nessus
added 2022/05/05 12:0 a.m.20 views

F5 Networks BIG-IP : DNS profile vulnerability (K23454411)

The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.5 / 14.1.4.6 / 15.1.0.2 / 16.0.0. It is, therefore, affected by a vulnerability as referenced in the K23454411 advisory. - On F5 BIG-IP 15.1.x versions prior to 15.1.0.2, 14.1.x versions prior to 14.1.4.6, 13.1.x...

7.5CVSS7.5AI score0.00843EPSS
Exploits0References2
nvd
nvd
added 2022/01/25 8:15 p.m.31 views

CVE-2022-23023

On BIG-IP version 16.1.x before 16.1.2.1, 15.1.x before 15.1.5, 14.1.x before 14.1.4.5, and all versions of 13.1.x and 12.1.x, and BIG-IQ all versions of 8.x and 7.x, undisclosed requests by an authenticated iControl REST user can cause an increase in memory resource utilization. Note: Software...

6.5CVSS0.00895EPSS
Exploits0References1
nvd
nvd
added 2022/01/25 8:15 p.m.14 views

CVE-2022-23015

On BIG-IP versions 16.x before 16.1.0, 15.1.x before 15.1.4.1, and 14.1.2.6-14.1.4.4, when a Client SSL profile is configured on a virtual server with Client Certificate Authentication set to request/require and Session Ticket enabled and configured, processing SSL traffic can cause an increase i...

7.5CVSS0.00629EPSS
Exploits0References1
nvd
nvd
added 2022/01/25 8:15 p.m.17 views

CVE-2022-23029

On BIG-IP version 16.x before 16.1.0, 15.1.x before 15.1.4.1, 14.1.x before 14.1.4.4, and all versions of 13.1.x, 12.1.x, and 11.6.x, when a FastL4 profile is configured on a virtual server, undisclosed traffic can cause an increase in memory resource utilization. Note: Software versions which ha...

5.3CVSS0.00729EPSS
Exploits0References1
nvd
nvd
added 2022/01/25 8:15 p.m.12 views

CVE-2022-23019

On BIG-IP version 16.1.x before 16.1.2, 15.1.x before 15.1.4.1, 14.1.x before 14.1.4.4, and all versions of 13.1.x and 12.1.x, when a message routing type virtual server is configured with both Diameter Session and Router Profiles, undisclosed traffic can cause an increase in memory resource...

7.5CVSS0.0092EPSS
Exploits0References1
prion
prion
added 2022/01/25 8:15 p.m.19 views

Design/Logic Flaw

On BIG-IP version 16.x before 16.1.0, 15.1.x before 15.1.4.1, 14.1.x before 14.1.4.4, and all versions of 13.1.x, 12.1.x, and 11.6.x, when a FastL4 profile is configured on a virtual server, undisclosed traffic can cause an increase in memory resource utilization. Note: Software versions which ha...

5CVSS5.3AI score0.00729EPSS
Exploits0References1Affected Software14
prion
prion
added 2022/01/25 8:15 p.m.14 views

Design/Logic Flaw

On BIG-IP version 16.1.x before 16.1.2, 15.1.x before 15.1.4.1, 14.1.x before 14.1.4.4, and all versions of 13.1.x and 12.1.x, when a message routing type virtual server is configured with both Diameter Session and Router Profiles, undisclosed traffic can cause an increase in memory resource...

7.1CVSS7.5AI score0.0092EPSS
Exploits0References1Affected Software11
cve
cve
added 2022/01/25 7:11 p.m.90 views

CVE-2022-23029

The CVE-2022-23029 issue affects BIG-IP with a FastL4 profile on a virtual server, where undisclosed traffic can cause a rise in memory utilization. Affected versions include 16.x before 16.1.0, 15.1.x before 15.1.4.1, 14.1.x before 14.1.4.4, and all 13.1.x, 12.1.x, 11.6.x. The exposure can lead ...

5.3CVSS5.6AI score0.00729EPSS
Exploits0References1Affected Software14
cve
cve
added 2022/01/25 7:11 p.m.99 views

CVE-2022-23015

CVE-2022-23015 affects BIG-IP: memory resource utilization increased when a Client SSL profile on a virtual server uses Client Certificate Authentication (request/require) with Session Ticket enabled. Affected: BIG-IP 16.x before 16.1.0; 15.1.x before 15.1.4.1; 14.1.2.6–14.1.4.4. Remediation/miti...

7.5CVSS7.6AI score0.00629EPSS
Exploits0References1Affected Software11
osv
osv
added 2022/01/21 6:15 p.m.5 views

CVE-2020-4875

IBM Cognos Controller 10.4.0, 10.4.1, and 10.4.2 is vulnerable to an XML External Entity Injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 190838...

8.2CVSS5.8AI score0.01726EPSS
Exploits0References2
nessus
nessus
added 2022/01/19 12:0 a.m.30 views

F5 Networks BIG-IP : BIG-IP MRF Diameter vulnerability (K82793463)

The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.5 / 14.1.4.4 / 15.1.4.1 / 16.1.2. It is, therefore, affected by a vulnerability as referenced in the K82793463 advisory. - On BIG-IP version 16.1.x before 16.1.2, 15.1.x before 15.1.4.1, 14.1.x before 14.1.4.4, and al...

7.5CVSS7.4AI score0.0092EPSS
Exploits0References2
nessus
nessus
added 2022/01/19 12:0 a.m.29 views

F5 Networks BIG-IP : BIG-IP FastL4 profile vulnerability (K50343028)

The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.5 / 14.1.4.4 / 15.1.4.1 / 16.1.0. It is, therefore, affected by a vulnerability as referenced in the K50343028 advisory. - On BIG-IP version 16.x before 16.1.0, 15.1.x before 15.1.4.1, 14.1.x before 14.1.4.4, and all...

5.3CVSS5.8AI score0.00729EPSS
Exploits0References2
nessus
nessus
added 2022/01/19 12:0 a.m.27 views

F5 Networks BIG-IP : iControl REST vulnerability (K11742742)

The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.5 / 14.1.4.5 / 15.1.5 / 16.1.2.1 / 17.0.0. It is, therefore, affected by a vulnerability as referenced in the K11742742 advisory. Undisclosed requests by an authenticated iControl REST user can cause an increase in...

6.5CVSS6.5AI score0.00895EPSS
Exploits0References2
osv
osv
added 2021/10/27 7:15 p.m.42 views

CVE-2021-40114

Multiple Cisco products are affected by a vulnerability in the way the Snort detection engine processes ICMP traffic that could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to improper memory resource manageme...

7.5CVSS3.8AI score
Exploits0References3
ubuntucve
ubuntucve
added 2021/10/27 7:15 p.m.29 views

CVE-2021-40114

Multiple Cisco products are affected by a vulnerability in the way the Snort detection engine processes ICMP traffic that could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to improper memory resource manageme...

7.8CVSS6.6AI score0.02367EPSS
Exploits0References2
alpinelinux
alpinelinux
added 2021/10/27 6:56 p.m.34 views

CVE-2021-40114

Multiple Cisco products are affected by a vulnerability in the way the Snort detection engine processes ICMP traffic that could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to improper memory resource manageme...

7.8CVSS7.1AI score0.02367EPSS
Exploits0
attackerkb
attackerkb
added 2021/10/27 4:0 p.m.4 views

CVE-2021-40114

Multiple Cisco products are affected by a vulnerability in the way the Snort detection engine processes ICMP traffic that could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to improper memory resource manageme...

7.8CVSS6.6AI score0.02367EPSS
Exploits0References4
cnvd
cnvd
added 2021/09/22 12:0 a.m.20 views

IBM Jazz for Service Management XML External Entity Injection Vulnerability

Jazz is IBM Rational's next-generation collaboration platform for software delivery technology.The Jazz platform has been carefully designed and developed specifically for global and geographically diverse teams, and will change the way people collaborate to build software - improving the...

8.1CVSS7.9AI score0.01467EPSS
Exploits0References1
Rows per page
Query Builder