903 matches found
Advisory ROSA-SA-2023-2253
software: mariadb 10.5.20; OS: ROSA-CHROME; packageevrstring: mariadb-10.5.20-1.src.rpm; CVE-ID: CVE-2022-21595; BDU-ID: 2022-06420; CVE-Crit: MEDIUM; CVE-DESC.: A vulnerability exists in the C API component of the MySQL Server database management system due to insufficient input validation. Exploitati...
Ubuntu 16.04 ESM : Apache ZooKeeper vulnerabilities (USN-4789-1)
The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4789-1 advisory. It was discovered that Apache ZooKeeper incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service or oth...
lesvinaigriers.fr Cross Site Scripting vulnerability OBB-3748173
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
F5 Networks BIG-IP IPsec DoS (K000132420)
The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.0 / 16.1.4 / 15.1.9. It is, therefore, affected by a vulnerability as referenced in the K000132420 advisory. When TCP Verified Accept is enabled on a TCP profile that is configured on a virtual server, undisclosed...
F5 Networks BIG-IP TCP profile vulnerability (K000134652)
The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.0 / 16.1.4 / 15.1.9. It is, therefore, affected by a vulnerability as referenced in the K000134652 advisory. When TCP Verified Accept is enabled on a TCP profile that is configured on a virtual server, undisclosed...
F5 BIG-IP Denial of Service Vulnerability (CNVD-2023-75604)
F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, and remote access policy management. A denial of service vulnerability exists in F5 BIG-IP, which can be exploited by attackers to cause an increase in memory...
CVE-2023-40542
When TCP Verified Accept is enabled on a TCP profile that is configured on a Virtual Server, undisclosed requests can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated...
Design/Logic Flaw
When TCP Verified Accept is enabled on a TCP profile that is configured on a Virtual Server, undisclosed requests can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated...
CVE-2023-40542 BIG-IP TCP Profile vulnerability
When TCP Verified Accept is enabled on a TCP profile that is configured on a Virtual Server, undisclosed requests can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated...
CVE-2023-40542
CVE-2023-40542 affects F5 BIG-IP: when TCP Verified Accept is enabled on a TCP profile configured on a virtual server, undisclosed requests can cause unbounded memory growth, degrading system performance and potentially triggering a denial of service as the TMM process restarts. The advisory (K00...
K000134652: BIG-IP TCP profile vulnerability CVE-2023-40542
Security Advisory Description: When TCP Verified Accept is enabled on a TCP profile that is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization. CVE-2023-40542. Impact: System performance can degrade until the Traffic Management Microkernel (TMM)...
Cisco Unified Communications Manager IM & Presence DoS (cisco-sa-cucm-apidos-PGsDcdNF)
According to its self-reported version, Cisco Unified Communications Manager IM & Presence running on the remote host is affected by a denial of service (DoS) vulnerability. Due to improper API authentication and incomplete verification of the API request, an unauthenticated, remote attacker can se...
Cisco Unified Communications Manager DoS (cisco-sa-cucm-apidos-PGsDcdNF)
According to its self-reported version, Cisco Unified Communications Manager running on the remote host is affected by a denial of service (DoS) vulnerability. Due to improper API authentication and incomplete verification of the API request, an unauthenticated, remote attacker can send a specially...
Cisco Unity Connection DoS (cisco-sa-cucm-apidos-PGsDcdNF)
According to its self-reported version, Cisco Unity Connection running on the remote host is affected by a denial of service (DoS) vulnerability. Due to improper API authentication and incomplete verification of the API request, an unauthenticated, remote attacker can send a specially crafted HTTP...
Cisco Emergency Responder DoS (cisco-sa-cucm-apidos-PGsDcdNF)
According to its self-reported version, Cisco Emergency Responder running on the remote host is affected by a denial of service (DoS) vulnerability. Due to improper API authentication and incomplete verification of the API request, an unauthenticated, remote attacker can send a specially crafted HT...
CVE-2023-20259
A vulnerability in an API endpoint of multiple Cisco Unified Communications Products could allow an unauthenticated, remote attacker to cause high CPU utilization, which could impact access to the web-based management interface and cause delays with call processing. This API is not used for devic...
CVE-2019-8895
Rejected reason: This candidate is unused by its CNA...
CVE-2018-4679
Rejected reason: This candidate is unused by its CNA...
CVE-2018-4648
Rejected reason: This candidate is unused by its CNA...