Lucene search
K

94 matches found

F5 Networks
F5 Networks
added 2023/01/04 12:50 a.m.36 views

K19784568: TMM vulnerability CVE-2016-5023

Security Advisory Description Virtual servers in F5 BIG-IP systems 11.2.1 HF11 through HF15, 11.4.1 HF4 through HF10, 11.5.3 through 11.5.4, 11.6.0 HF5 through HF7, and 12.0.0, when configured with a TCP profile, allow remote attackers to cause a denial of service Traffic Management Microkernel...

7.5CVSS7.5AI score0.03046EPSS
Exploits0Affected Software14
F5 Networks
F5 Networks
added 2022/12/31 2:52 a.m.42 views

K48351130: Linux kernel vulnerability CVE-2019-16714

Security Advisory Description In the Linux kernel before 5.2.14, rds6incinfocopy in net/rds/recv.c allows attackers to obtain sensitive information from kernel stack memory because tos and flags fields are not initialized. CVE-2019-16714 Impact This vulnerability may allow attackers to obtain...

7.5CVSS7.5AI score0.02701EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
added 2022/12/31 2:42 a.m.37 views

K98008862: OpenLDAP vulnerability CVE-2019-13565

Security Advisory Description An issue was discovered in OpenLDAP 2.x before 2.4.48. When using SASL authentication and session encryption, and relying on the SASL security layers in slapd access controls, it is possible to obtain access that would otherwise be denied via a simple bind for any...

7.5CVSS6.8AI score0.05015EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
added 2022/12/31 2:0 a.m.50 views

K11186236: Linux kernel KVM subsystem vulnerability CVE-2019-6974

Security Advisory Description In the Linux kernel before 4.20.8, kvmioctlcreatedevice in virt/kvm/kvmmain.c mishandles reference counting because of a race condition, leading to a use-after-free. CVE-2019-6974 Impact BIG-IP An attacker may use this vulnerability to cause a vCMP guest to crash,...

8.1CVSS6.5AI score0.16523EPSS
Exploits2
CNVD
CNVD
added 2022/05/07 12:0 a.m.31 views

F5 Traffix SDC Cross-Site Template Injection Vulnerability

F5 Traffix Signaling Delivery Controller F5 Traffix SDC is a signaling delivery controller from F5 USA, Inc. F5 Traffix SDC is vulnerable to cross-site template injection, which can be exploited by attackers to execute language-specific commands in the template server context...

4.8CVSS5.7AI score0.00451EPSS
Exploits0References1
CNVD
CNVD
added 2022/05/07 12:0 a.m.30 views

F5 Traffix SDC Cross-Site Scripting Vulnerability

The F5 Traffix Signaling Delivery Controller F5 Traffix SDC is a signaling delivery controller from F5, Inc. It is used to provide operators with total connectivity, unlimited scalability and total control. A cross-site scripting vulnerability exists in F5 Traffix SDC, which can be exploited by a...

4.8CVSS5AI score0.00451EPSS
Exploits0References1
NCSC
NCSC
added 2022/05/06 12:0 a.m.47 views

Vulnerabilities fixed in F5 products

Vulnerabilities have been fixed in products from F5, including BIG-IP and Traffix SDC. The vulnerabilities allow a malicious able to launch attacks that result in the following categories of damage: Cross-Site Request Forgery XSRF. Cross-Site Scripting XSS Denial-of-Service DoS. Manipulation of...

9.8CVSS7.7AI score0.99956EPSS
Exploits63
NVD
NVD
added 2022/05/05 5:15 p.m.23 views

CVE-2022-27880

On F5 Traffix SDC 5.2.x versions prior to 5.2.2 and 5.1.x versions prior to 5.1.35, a stored Cross-Site Scripting XSS vulnerability exists in an undisclosed page of the Traffix SDC Configuration utility that allows an attacker to execute JavaScript in the context of the currently logged-in user...

4.8CVSS0.00451EPSS
Exploits0References1
OSV
OSV
added 2022/05/05 5:15 p.m.4 views

CVE-2022-27662

On F5 Traffix SDC 5.2.x versions prior to 5.2.2 and 5.1.x versions prior to 5.1.35, a stored Cross-Site Template Injection vulnerability exists in an undisclosed page of the Traffix SDC Configuration utility that allows an attacker to execute template language-specific instructions in the context...

4.8CVSS5.9AI score0.00451EPSS
Exploits0References1
OSV
OSV
added 2022/05/05 5:15 p.m.3 views

CVE-2022-27880

On F5 Traffix SDC 5.2.x versions prior to 5.2.2 and 5.1.x versions prior to 5.1.35, a stored Cross-Site Scripting XSS vulnerability exists in an undisclosed page of the Traffix SDC Configuration utility that allows an attacker to execute JavaScript in the context of the currently logged-in user...

4.8CVSS5.9AI score
Exploits0References1
Prion
Prion
added 2022/05/05 5:15 p.m.25 views

Cross site scripting

On F5 Traffix SDC 5.2.x versions prior to 5.2.2 and 5.1.x versions prior to 5.1.35, a stored Cross-Site Scripting XSS vulnerability exists in an undisclosed page of the Traffix SDC Configuration utility that allows an attacker to execute JavaScript in the context of the currently logged-in user...

3.5CVSS4.9AI score0.00451EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2022/05/05 5:15 p.m.22 views

Cross site scripting

On F5 Traffix SDC 5.2.x versions prior to 5.2.2 and 5.1.x versions prior to 5.1.35, a stored Cross-Site Template Injection vulnerability exists in an undisclosed page of the Traffix SDC Configuration utility that allows an attacker to execute template language-specific instructions in the context...

3.5CVSS5.3AI score0.00451EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/05/05 4:32 p.m.27 views

CVE-2022-27880

On F5 Traffix SDC 5.2.x versions prior to 5.2.2 and 5.1.x versions prior to 5.1.35, a stored Cross-Site Scripting XSS vulnerability exists in an undisclosed page of the Traffix SDC Configuration utility that allows an attacker to execute JavaScript in the context of the currently logged-in user...

4.8CVSS5.1AI score0.00451EPSS
Exploits0References1
CVE
CVE
added 2022/05/05 4:32 p.m.107 views

CVE-2022-27880

CVE-2022-27880 (F5 Traffix SDC) : A stored Cross-Site Scripting (XSS) vulnerability exists in an undisclosed page of the Traffix SDC Configuration utility. Affected versions are 5.2.x prior to 5.2.2 and 5.1.x prior to 5.1.35. An authenticated attacker can store malicious HTML/JavaScript that exec...

4.8CVSS5AI score0.00451EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/05/05 4:29 p.m.37 views

CVE-2022-27662

On F5 Traffix SDC 5.2.x versions prior to 5.2.2 and 5.1.x versions prior to 5.1.35, a stored Cross-Site Template Injection vulnerability exists in an undisclosed page of the Traffix SDC Configuration utility that allows an attacker to execute template language-specific instructions in the context...

4.8CVSS5.7AI score0.00451EPSS
Exploits0References1
CVE
CVE
added 2022/05/05 4:29 p.m.83 views

CVE-2022-27662

CVE-2022-27662 affects F5 Traffix SDC: stored Cross-Site Template Injection in the Traffix SDC Configuration utility. Affected versions are 5.2.x prior to 5.2.2 and 5.1.x prior to 5.1.35. The underlying issue enables an attacker to execute template language-specific instructions in the server con...

4.8CVSS5.6AI score0.00451EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2022/05/05 12:0 a.m.6 views

F5 Traffix SDC 安全漏洞

F5 Traffix Signaling Delivery Controller F5 Traffix SDC is a signaling delivery controller from F5 USA, Inc. F5 Traffix SDC is vulnerable to cross-site template injection, which can be exploited by attackers to execute language-specific commands in the template server context...

4.8CVSS5.4AI score0.00451EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/05/05 12:0 a.m.5 views

F5 Traffix SDC 跨站脚本漏洞

The F5 Traffix Signaling Delivery Controller F5 Traffix SDC is a signaling delivery controller from F5, Inc. It is used to provide operators with total connectivity, unlimited scalability and total control. A cross-site scripting vulnerability exists in F5 Traffix SDC, which can be exploited by a...

4.8CVSS5.2AI score0.00451EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2022/05/04 7:45 p.m.4 views

CVE-2022-27662

On F5 Traffix SDC 5.2.x versions prior to 5.2.2 and 5.1.x versions prior to 5.1.35, a stored Cross-Site Template Injection vulnerability exists in an undisclosed page of the Traffix SDC Configuration utility that allows an attacker to execute template language-specific instructions in the context...

4.8CVSS6AI score0.00451EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2021/03/10 12:0 a.m.44 views

F5 Networks BIG-IP : Linux kernel vulnerability (K40523020)

An issue was discovered in the Linux kernel before 4.18.6. An information leak in cdromioctldrivestatus in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940...

6.1CVSS6.7AI score0.00552EPSS
Exploits0References2
Rows per page
Query Builder