CVE-2022-23015
On BIG-IP versions 16.x before 16.1.0, 15.1.x before 15.1.4.1, and 14.1.2.6-14.1.4.4, when a Client SSL profile is configured on a virtual server with Client Certificate Authentication set to request/require and Session Ticket enabled and configured, processing SSL traffic can cause an increase i...
CVE-2022-23010
CVE-2022-23010 affects BIG-IP: when a FastL4 profile and an HTTP profile are on a virtual server, undisclosed requests can cause memory resource utilization to increase, potentially impacting performance. Affects 16.x (16.0.0–16.0.1), 15.x (15.1.0–15.1.4, fixed in 15.1.4.1), 14.x (14.1.0–14.1.4, ...
F5 BIG-IP code issue vulnerability (CNVD-2022-70623)
F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. F5 BIG-IP has a code issue vulnerability that can be exploited by attackers to increase disk utilization and cause denial of...
F5 Networks BIG-IP : BIG-IP FastL4 profile vulnerability (K50343028)
The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.5 / 14.1.4.4 / 15.1.4.1 / 16.1.0. It is, therefore, affected by a vulnerability as referenced in the K50343028 advisory. - On BIG-IP version 16.x before 16.1.0, 15.1.x before 15.1.4.1, 14.1.x before 14.1.4.4, and all...
F5 Networks BIG-IP : iControl REST vulnerability (K11742742)
The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.5 / 14.1.4.5 / 15.1.5 / 16.1.2.1 / 17.0.0. It is, therefore, affected by a vulnerability as referenced in the K11742742 advisory. Undisclosed requests by an authenticated iControl REST user can cause an increase in...
F5 BIG-IP code issue vulnerability
F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. F5 BIG-IP has a code issue vulnerability that can be exploited by attackers to increase disk utilization and cause denial of...
F5 Networks BIG-IP : BIG-IP Client SSL profile vulnerability (K08476614)
The version of F5 Networks BIG-IP installed on the remote host is prior to 14.1.4.5 / 15.1.4.1 / 16.1.0. It is, therefore, affected by a vulnerability as referenced in the K08476614 advisory. - On BIG-IP versions 16.x before 16.1.0, 15.1.x before 15.1.4.1, and 14.1.2.6-14.1.4.4, when a Client SSL...
F5 Networks BIG-IP : BIG-IP VE vulnerability (K53442005)
The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.5 / 14.1.4.5 / 15.1.4.1 / 16.1.2 / 17.0.0. It is, therefore, affected by a vulnerability as referenced in the K53442005 advisory. - On version 16.1.x before 16.1.2, 15.1.x before 15.1.4.1, 14.1.x before 14.1.4.5, and...
F5 Networks BIG-IP : BIG-IP MRF Diameter vulnerability (K82793463)
The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.5 / 14.1.4.4 / 15.1.4.1 / 16.1.2. It is, therefore, affected by a vulnerability as referenced in the K82793463 advisory. - On BIG-IP version 16.1.x before 16.1.2, 15.1.x before 15.1.4.1, 14.1.x before 14.1.4.4, and al...
F5 Networks BIG-IP : BIG-IP ASM and Advanced WAF REST API endpoint vulnerability (K08402414)
The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.5 / 14.1.4.5 / 15.1.4.1 / 16.1.2 / 17.0.0. It is, therefore, affected by a vulnerability as referenced in the K08402414 advisory. - On BIG-IP ASM & Advanced WAF version 16.1.x before 16.1.2, 15.1.x before 15.1.4.1,...
Juniper Junos OS Vulnerability (JSA11267)
The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA11267 advisory. - A vulnerability in the NETISR network queue functionality of Juniper Networks Junos OS kernel allows an attacker to cause a Denial of Service (DoS) by sending crafted genuin...
What is IAM (Identity and Access Management) ❓
Would you like to leave your locker open, with valuables inside, while you’re leaving town or going to sleep? Of course not, as doing so is a foolish act and is like sending invitations to burglars. Similarly, one shouldn’t leave one’s database and information center open for all. This will lead...
Moderate: python-psutil security update
psutil is a module providing an interface for retrieving information on all running processes and system utilization (CPU, memory, disks, network, users) in a portable way by using Python. Security Fixes: python-psutil: double free because of refcount mishandling (CVE-2019-18874). For more details abo...
Rebalance will fail if a market has high utilization
Handle: cmichel. Vulnerability details: The `AssetManager.rebalance` function iterates through the markets and withdraws all tokens in the `moneyMarkets[i].withdrawAll` call. Note that in peer-to-peer lending protocols like Compound/Aave the borrower takes the tokens from the supplier and it might not be...
CVE-2021-31361
An Improper Check for Unusual or Exceptional Conditions vulnerability combined with Improper Handling of Exceptional Conditions in Juniper Networks Junos OS on QFX Series and PTX Series allows an unauthenticated network based attacker to cause increased FPC CPU utilization by sending specific IP...
CVE-2021-31361
CVE-2021-31361 affects Juniper Networks Junos OS on QFX Series and PTX Series. The issue stems from an improper check and handling of exceptional conditions, allowing an unauthenticated network attacker to increase FPC CPU utilization by sending certain IP packets encapsulated in VXLAN, causing a...
Juniper Networks Junos OS code issue vulnerability
Juniper Networks Junos OS is a Juniper Networks network operating system for the company's hardware devices. The OS provides a secure programming interface and the Junos SDK. Juniper Networks Junos OS is vulnerable to a code issue that could allow an unauthenticated attacker to cause a denial of...
CVE-2021-1624
A vulnerability in the Rate Limiting Network Address Translation (NAT) feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause high CPU utilization in the Cisco QuantumFlow Processor of an affected device, resulting in a denial of service (DoS) condition. This...
Race condition
A vulnerability in the Rate Limiting Network Address Translation (NAT) feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause high CPU utilization in the Cisco QuantumFlow Processor of an affected device, resulting in a denial of service (DoS) condition. This...
CVE-2021-1624
Cisco IOS XE Software contains a vulnerability in the Rate Limiting NAT feature that can be exploited remotely by sending large volumes of traffic, causing the QuantumFlow Processor to reach 100% utilization and resulting in a DoS. Root cause: mishandling of the rate limiting feature within the Q...