EUVD-2017-8304

Malware in sbrugna...

EUVD-2022-44981

Malicious code in bioql PyPI...

CVE-2022-41813

In versions 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5, and all versions of 13.1.x, when BIG-IP is provisioned with PEM or AFM module, an undisclosed input can cause Traffic Management Microkernel TMM to terminate...

F5 Networks BIG-IP : BIG-IP PEM and AFM TMUI, TMSH, and iControl REST vulnerability (K93723284)

The version of F5 Networks BIG-IP installed on the remote host is prior to 14.1.5 / 15.1.6.1 / 16.1.3.1 / 17.0.0. It is, therefore, affected by a vulnerability as referenced in the K93723284 advisory. When the BIG-IP system is provisioned with the PEM or AFM module, an undisclosed input can cause...

F5 BIG-IP 输入验证错误漏洞

F5 BIG-IP is an application delivery platform that integrates network traffic management, application security management, and load balancing from F5 USA. F5 BIG-IP suffers from an input validation error vulnerability that stems from an undisclosed input that could cause the Traffic Management...

Huawei Data Communication: Multiple Vulnerabilities of PEM Module in Some Huawei Products (huawei-sa-20171206-01-pem)

There is a null pointer reference vulnerability in PEM module of Huawei products due to insufficient verification. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

CVE-2017-6153

Features in F5 BIG-IP 13.0.0-13.1.0.3, 12.1.0-12.1.3.1, 11.6.1-11.6.3.1, 11.5.1-11.5.5, or 11.2.1 system that utilizes inflate functionality directly, via an iRule, or via the inflate code from PEM module are subjected to a service disruption via a "Zip Bomb" attack...

F5 BIG-IP Denial of Service Vulnerability (CNVD-2018-15636)

F5 BIG-IP is a collection of software and hardware that allows you to control the traffic that passes through your network. A denial-of-service vulnerability exists in F5 BIG-IP 11.x, 12.x, and 13.x. A remote attacker could exploit this vulnerability by sending specially crafted data to a target...

Input validation

PEM module of DP300 V500R002C00; IPS Module V500R001C00; V500R001C30; NGFW Module V500R001C00; V500R002C00; NIP6300 V500R001C00; V500R001C30; NIP6600 V500R001C00; V500R001C30; RP200 V500R002C00; V600R006C00; S12700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00; S1700 V200R006C10...

CVE-2017-17135

PEM module of Huawei DP300 V500R002C00; IPS Module V500R001C00; V500R001C30; NGFW Module V500R001C00; V500R002C00; NIP6300 V500R001C00; V500R001C30; NIP6600 V500R001C00; V500R001C30; RP200 V500R002C00; V600R006C00; S12700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00; S1700...

CVE-2017-17138

PEM module of DP300 V500R002C00; IPS Module V500R001C00; V500R001C30; NGFW Module V500R001C00; V500R002C00; NIP6300 V500R001C00; V500R001C30; NIP6600 V500R001C00; V500R001C30; RP200 V500R002C00; V600R006C00; S12700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00; S1700 V200R006C10...

CVE-2017-17136

PEM module of Huawei DP300 V500R002C00; IPS Module V500R001C00; V500R001C30; NGFW Module V500R001C00; V500R002C00; NIP6300 V500R001C00; V500R001C30; NIP6600 V500R001C00; V500R001C30; RP200 V500R002C00; V600R006C00; S12700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00; S1700...

CVE-2017-17137

PEM module of Huawei DP300 V500R002C00; IPS Module V500R001C00; V500R001C30; NGFW Module V500R001C00; V500R002C00; NIP6300 V500R001C00; V500R001C30; NIP6600 V500R001C00; V500R001C30; RP200 V500R002C00; V600R006C00; S12700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00; S1700...

Null pointer dereference

PEM module of Huawei DP300 V500R002C00; IPS Module V500R001C00; V500R001C30; NGFW Module V500R001C00; V500R002C00; NIP6300 V500R001C00; V500R001C30; NIP6600 V500R001C00; V500R001C30; RP200 V500R002C00; V600R006C00; S12700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00; S1700...

CVE-2017-17138

CVE-2017-17138 is a DoS in the Huawei PEM module caused by insufficient verification, where an authenticated local attacker can trigger a deadloop by presenting a malicious certificate. Affected Huawei products include DP300, IPS, NGFW, NIP6300/6600, RP200, S-series (S12700, S1700, S2700, S5700, ...

CVE-2017-17135

PEM module of Huawei DP300 V500R002C00; IPS Module V500R001C00; V500R001C30; NGFW Module V500R001C00; V500R002C00; NIP6300 V500R001C00; V500R001C30; NIP6600 V500R001C00; V500R001C30; RP200 V500R002C00; V600R006C00; S12700 V200R007C00; V200R007C01; V200R008C00; V200R009C00; V200R010C00; S1700...

CVE-2017-17135

CVE-2017-17135 is a null pointer reference vulnerability in the PEM module of Huawei products, including DP300 family, IPS, NGFW, NIP, S-series, Secospace USG, ViewPoint, TE, TP, USG9500, and related models, due to insufficient verification. An authenticated local attacker can call the PEM decode...

Memory Out-of-Bounds Access Vulnerability in PEM Module for Multiple Huawei Products

Huawei DP300, IPS Module, and NGFW Module are all products of Huawei China. The memory out-of-bounds access vulnerability in the PEM Module of several Huawei products can be exploited by an authenticated local attacker to launch a denial-of-service attack by constructing a malicious certificate...

PEM module null pointer access vulnerability in multiple Huawei products

Huawei DP300, IPS Module, and NGFW Module are all products of Huawei China. A null pointer access vulnerability exists in the PEM module of multiple Huawei products, which can be exploited by an authenticated local attacker to cause a denial-of-service attack by calling the PEM decoder with...

PEM module heap overflow vulnerability in multiple Huawei products

Huawei DP300, IPS Module, and NGFW Module are all products of Huawei China. A heap overflow vulnerability exists in the PEM module of multiple Huawei products, which can be exploited by an authenticated local attacker to launch a denial-of-service attack by constructing a malicious certificate th...