Lucene search
K

6364 matches found

F5 Networks
F5 Networks
•added 2023/02/21 7:37 p.m.•81 views

K17315: SNMP vulnerability CVE-2014-3565

Security Advisory Description snmplib/mib.c in net-snmp 5.7.0 and earlier, when the -OQ option is used, allows remote attackers to cause a denial of service snmptrapd crash via a crafted SNMP trap message, which triggers a conversion to the variable type designated in the MIB file, as demonstrate...

5CVSS7.5AI score0.04619EPSS
Exploits1Affected Software20
F5 Networks
F5 Networks
•added 2023/02/21 7:7 p.m.•81 views

K48131150: Linux kernel vulnerability CVE-2019-19065

Security Advisory Description A memory leak in the sdmainit function in drivers/infiniband/hw/hfi1/sdma.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service memory consumption by triggering rhashtableinit failures, aka CID-34b3be18a04e. CVE-2019-19065 Impact There is n...

4.7CVSS6AI score0.00491EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•81 views

K38453823: Apache vulnerability CVE-2021-31618

Security Advisory Description Apache HTTP Server protocol handler for the HTTP/2 protocol checks received request headers against the size limitations as configured for the server and used for the HTTP/1 protocol as well. On violation of these restrictions and HTTP response is sent to the client...

7.5CVSS7.9AI score0.51208EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:54 p.m.•81 views

K62201745: OpenSSH vulnerability CVE-2016-10012

Security Advisory Description The shared memory manager associated with pre-authentication compression in sshd in OpenSSH before 7.4 does not ensure that a bounds check is enforced by all compilers, which might allow local users to gain privileges by leveraging access to a sandboxed...

7.8CVSS7.3AI score0.01281EPSS
Exploits1Affected Software23
F5 Networks
F5 Networks
•added 2023/02/21 6:54 p.m.•81 views

K92451315: OpenSSL vulnerability CVE-2020-1968

Security Advisory Description The Raccoon attack exploits a flaw in the TLS specification which can lead to an attacker being able to compute the pre-master secret in connections which have used a Diffie-Hellman DH based ciphersuite. In such a case this would result in the attacker being able to...

4.3CVSS6.6AI score0.04803EPSS
Exploits0Affected Software15
F5 Networks
F5 Networks
•added 2023/02/21 6:49 p.m.•81 views

K18129121: Linux kernel vulnerability CVE-2019-19767

Security Advisory Description The Linux kernel before 5.4.2 mishandles ext4expandextraisize, as demonstrated by use-after-free errors in ext4expandextraisize and ext4xattrsetentry, related to fs/ext4/inode.c and fs/ext4/super.c, aka CID-4ea99936a163. CVE-2019-19767 Impact There is no impact; F5...

5.5CVSS6.9AI score0.02081EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 6:47 p.m.•81 views

K00854051: Linux kernel vulnerability CVE-2018-13405

Security Advisory Description The inodeinitowner function in fs/inode.c in the Linux kernel through 4.17.4 allows local users to create files with an unintended group ownership, in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of that group...

7.8CVSS6.1AI score0.0101EPSS
Exploits2Affected Software17
F5 Networks
F5 Networks
•added 2023/02/21 6:46 p.m.•81 views

K21317311: F5 BIG-IP Guided Configuration XSS vulnerability CVE-2022-27230

Security Advisory Description A reflected cross-site scripting XSS vulnerability exists in an undisclosed page of F5 BIG-IP Guided Configuration that allows an attacker to execute JavaScript in the context of the currently logged-in user. CVE-2022-27230 Impact An attacker may exploit this...

7.5CVSS5.7AI score0.005EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 6:35 p.m.•81 views

K74013101: Binutils vulnerability CVE-2021-42574

Security Advisory Description An issue was discovered in the Bidirectional Algorithm in the Unicode Specification through 14.0. It permits the visual reordering of characters via control sequences, which can be used to craft source code that renders different logic than the logical ordering of...

8.3CVSS8.1AI score0.12205EPSS
Exploits4Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 6:35 p.m.•81 views

K34468163: Apache Tomcat vulnerability CVE-2018-8034

Security Advisory Description The host name verification when using TLS with the WebSocket client was missing. It is now enabled by default. Versions Affected: Apache Tomcat 9.0.0.M1 to 9.0.9, 8.5.0 to 8.5.31, 8.0.0.RC1 to 8.0.52, and 7.0.35 to 7.0.88. CVE-2018-8034 Impact A user on the local...

7.5CVSS7.8AI score0.213EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 6:34 p.m.•81 views

K55245232: GNU glibc vulnerability CVE-2014-9984

Security Advisory Description nscd in the GNU C Library aka glibc or libc6 before version 2.20 does not correctly compute the size of an internal buffer when processing netgroup requests, possibly leading to an nscd daemon crash or code execution as the user running nscd. CVE-2014-9984 Impact The...

9.8CVSS9.7AI score0.0444EPSS
Exploits2
F5 Networks
F5 Networks
•added 2023/02/21 6:34 p.m.•81 views

K42903299: rsyslog: remote syslog PRI vulnerability CVE-2014-3634

Security Advisory Description rsyslog before 7.6.6 and 8.x before 8.4.1 and sysklogd 1.5 and earlier allows remote attackers to cause a denial of service crash, possibly execute arbitrary code, or have other unspecified impact via a crafted priority PRI value that triggers an out-of-bounds array...

7.5CVSS7.5AI score0.07546EPSS
Exploits1Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 6:34 p.m.•81 views

K61414056: Apache Tomcat vulnerability CVE-2016-5425

Security Advisory Description The Tomcat package on Red Hat Enterprise Linux RHEL 7, Fedora, CentOS, Oracle Linux, and possibly other Linux distributions uses weak permissions for /usr/lib/tmpfiles.d/tomcat.conf, which allows local users to gain root privileges by leveraging membership in the...

7.8CVSS7.3AI score0.03782EPSS
Exploits8
F5 Networks
F5 Networks
•added 2023/02/21 6:34 p.m.•81 views

K21238552: MySQL vulnerabilities CVE-2019-2529, CVE-2019-2531, CVE-2019-2532, CVE-2019-2533, and CVE-2019-2534

Security Advisory Description CVE-2019-2529 Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Optimizer. Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows low privileged attacke...

7.1CVSS6.2AI score0.0436EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:33 p.m.•81 views

K08510472: BIG-IP TMUI vulnerability CVE-2022-28695

Security Advisory Description An authenticated attacker with high privileges can upload a maliciously crafted file to the BIG-IP AFM Configuration utility, which allows an attacker to run arbitrary commands. CVE-2022-28695 Impact This vulnerability may allow an authenticated high-privilege attack...

7.2CVSS6.9AI score0.00843EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2016/01/27 12:0 a.m.•81 views

SOL01131113 - OpenSSH vulnerabilities CVE-2016-0777 and CVE-2016-0778

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...

8.1CVSS2.5AI score0.63468EPSS
Exploits3References4
F5 Networks
F5 Networks
•added 2009/07/28 12:0 a.m.•81 views

SOL10366 - BIND vulnerability - CVE-2009-0696

F5 Product Development has determined that these BIG-IP and Enterprise Manager versions use a vulnerable version of BIND. However, the vulnerable code is not used by default on these BIG-IP or Enterprise Manager systems. These products are only vulnerable if BIND was manually configured and enabl...

4.3CVSS7.3AI score0.12649EPSS
Exploits1
F5 Networks
F5 Networks
•added 2024/04/19 8:36 p.m.•80 views

K000139353: aiohttp vulnerability CVE-2024-23334

Security Advisory Description aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. When using aiohttp as a web server and configuring static routes, it is necessary to specify the root path for static files. Additionally, the option 'followsymlinks' can be used to...

7.5CVSS6.4AI score0.76875EPSS
Exploits15
F5 Networks
F5 Networks
•added 2023/02/21 7:55 p.m.•80 views

K43700555: GNU C Library (glibc) vulnerability CVE-2021-33574

Security Advisory Description The mqnotify function in the GNU C Library aka glibc versions 2.32 and 2.33 has a use-after-free. It may use the notification thread attributes object passed through its struct sigevent parameter after it has been freed by the caller, leading to a denial of service...

9.8CVSS7.9AI score0.02898EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 7:39 p.m.•80 views

K37603172: Samba vulnerabilities CVE-2015-5370 and CVE-2016-2118

Security Advisory Description CVE-2015-5370 Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not properly implement the DCE-RPC layer, which allows remote attackers to perform protocol-downgrade attacks, cause a denial of service application crash or CPU consumptio...

7.5CVSS7.6AI score0.3693EPSS
Exploits0Affected Software9
F5 Networks
F5 Networks
•added 2023/02/21 7:38 p.m.•80 views

K20225390: Multiple PCRE vulnerabilities

Security Advisory Description CVE-2015-8395 PCRE before 8.38 mishandles certain references, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror...

9.8CVSS9.2AI score0.07059EPSS
Exploits6Affected Software23
F5 Networks
F5 Networks
•added 2023/02/21 6:53 p.m.•80 views

K30315990: OpenVPN vulnerability CVE-2016-6329

Security Advisory Description OpenVPN, when using a 64-bit block cipher, makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted session, as demonstrated by an HTTP-over-OpenVPN session using Blowfish in CBC mode, aka a "Sweet32" attac...

5.9CVSS5.9AI score0.0594EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:52 p.m.•80 views

K16562029: Linux kernel vulnerability CVE-2016-3841

Security Advisory Description The IPv6 stack in the Linux kernel before 4.3.3 mishandles options data, which allows local users to gain privileges or cause a denial of service use-after-free and system crash via a crafted sendmsg system call.CVE-2016-3841 Impact There is no impact; F5 products ar...

7.3CVSS6AI score0.00296EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:52 p.m.•80 views

K80055530: NGINX NJS vulnerability CVE-2022-43286

Security Advisory Description Nginx NJS v0.7.2 was discovered to contain a heap-use-after-free bug caused by illegal memory copy in the function njsjsonparseiteratorcall at njsjson.c. CVE-2022-43286 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory...

9.8CVSS9.1AI score0.00898EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 6:48 p.m.•80 views

K54170502: Linux kernel vulnerability CVE-2017-8890

Security Advisory Description The inetcskclonelock function in net/ipv4/inetconnectionsock.c in the Linux kernel through 4.10.15 allows attackers to cause a denial of service double free or possibly have unspecified other impact by leveraging use of the accept system call. CVE-2017-8890 Impact An...

7.8CVSS7.1AI score0.01372EPSS
Exploits5Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 6:46 p.m.•80 views

K70275209: BIG-IP HTTP profile vulnerability CVE-2020-5857

Security Advisory Description Undisclosed HTTP behavior may lead to a denial of service. CVE-2020-5857 Impact This vulnerability impacts the BIG-IP data plane virtual servers with HTTP profiles. A BIG-IP module that has a virtual server with an associated HTTP profile and is processing traffic is...

7.5CVSS7.4AI score0.01044EPSS
Exploits0Affected Software10
F5 Networks
F5 Networks
•added 2023/02/21 6:46 p.m.•80 views

K17839423: PHP vulnerability CVE-2021-21703

Security Advisory Description In PHP versions 7.3.x up to and including 7.3.31, 7.4.x below 7.4.25 and 8.0.x below 8.0.12, when running PHP FPM SAPI with main FPM daemon process running as root and child worker processes running as lower-privileged users, it is possible for the child processes to...

7.8CVSS7.8AI score0.01337EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 6:35 p.m.•80 views

K21018505: JRE vulnerability CVE-2012-5081

Security Advisory Description Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.238 and earlier allows remote attackers to affect availability, related to JSSE. CVE-2012-508...

5CVSS8.1AI score0.45113EPSS
Exploits0Affected Software2
F5 Networks
F5 Networks
•added 2023/02/21 6:34 p.m.•80 views

K50081147: Linux kernel vulnerabilities CVE-2019-9500, CVE-2019-9503

Security Advisory Description CVE-2019-9500 The Broadcom brcmfmac WiFi driver prior to commit 1b5e2423164b3670e8bc9174e4762d297990deff is vulnerable to a heap buffer overflow. If the Wake-up on Wireless LAN functionality is configured, a malicious event frame can be constructed to trigger an heap...

8.3CVSS7.8AI score0.03844EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 6:33 p.m.•80 views

K00194184: Linux kernel Voice Over IP H.323 vulnerability CVE-2020-14305

Security Advisory Description An out-of-bounds memory write flaw was found in how the Linux kernels Voice Over IP H.323 connection tracking functionality handled connections on ipv6 port 1720. This flaw allows an unauthenticated remote user to crash the system, causing a denial of service. The...

8.3CVSS6.2AI score0.05114EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 6:33 p.m.•80 views

K17269881: Intel MCE vulnerability CVE-2018-12207

Security Advisory Description Improper invalidation for page table updates by a virtual guest operating system for multiple IntelR Processors may allow an authenticated user to potentially enable denial of service of the host system via local access. CVE-2018-12207 Impact A privileged guest user...

6.5CVSS6.6AI score0.00915EPSS
Exploits0Affected Software13
F5 Networks
F5 Networks
•added 2023/02/21 6:6 p.m.•80 views

K43357358: AMD processors vulnerability CVE-2022-23823

Security Advisory Description A potential vulnerability in some AMD processors using frequency scaling may allow an authenticated attacker to execute a timing attack to potentially enable information disclosure. CVE-2022-23823 also known as hertzbleed Impact Successful exploitation of this...

6.5CVSS6.3AI score0.01044EPSS
Exploits0Affected Software13
F5 Networks
F5 Networks
•added 2023/01/03 10:19 p.m.•80 views

K91229003: Side-channel processor vulnerabilities CVE-2017-5715, CVE-2017-5753, and CVE-2017-5754

Security Advisory Description The following three side-channel attacks were publicly disclosed on January 3, 2018: CVE-2017-5715 Spectre-BTB previously known as Spectre Variant 2 Branch target injection Systems with microprocessors utilizing speculative execution and indirect branch prediction ma...

5.6CVSS7.4AI score0.93838EPSS
Exploits13
F5 Networks
F5 Networks
•added 2022/12/19 10:5 p.m.•80 views

K08402414: BIG-IP ASM and Advanced WAF REST API endpoint vulnerability CVE-2022-23026

Security Advisory Description An authenticated user with low privileges, such as a guest, can upload data using an undisclosed REST endpoint causing an increase in disk resource utilization. CVE-2022-23026 Impact An authenticated user with low privileges, such as a guest, may exploit this...

4.3CVSS4.7AI score0.00739EPSS
Exploits0Affected Software2
F5 Networks
F5 Networks
•added 2016/11/02 12:0 a.m.•80 views

SOL54211024 - OpenSSL vulnerability CVE-2016-6304

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

7.8CVSS1.8AI score0.63029EPSS
Exploits2References6
F5 Networks
F5 Networks
•added 2014/12/16 12:0 a.m.•80 views

SOL15912 - Linux kernel driver vulnerabilities CVE-2014-3184, CVE-2014-3185, CVE-2014-3611, CVE-2014-3645, and CVE-2014-3646

CVE-2014-3184 The reportfixup functions in the HID subsystem in the Linux kernel before 3.16.2 might allow physically proximate attackers to cause a denial of service out-of-bounds write via a crafted device that provides a small report descriptor, related to 1 drivers/hid/hid-cherry.c, 2...

6.9CVSS3.6AI score0.00596EPSS
Exploits0References4
F5 Networks
F5 Networks
•added 2006/12/11 12:0 a.m.•80 views

SOL6881 - SSHv1 vulnerabilities CVE-2006-4924

This security advisory describes an OpenSSH version 1 vulnerability. When using version SSH version 1 protocol, remote attacks cause a denial of service attack when the sshd process is used in OpenSSH versions previous to version 4.4. This occurs when using an SSH packet that contains duplicate...

7.8CVSS7.7AI score0.34666EPSS
Exploits1
F5 Networks
F5 Networks
•added 2024/02/02 5:38 a.m.•79 views

K000138460: Multiple MySQL vulnerabilities

Security Advisory Description CVE-2024-20960 Vulnerability in the MySQL Server product of Oracle MySQL component: Server: RAPID. Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via...

6.5CVSS4.8AI score0.01539EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 8:2 p.m.•79 views

K32037442: Intel In-Band Manageability software vulnerabilities CVE-2021-0193, CVE-2021-0194, and CVE-2021-33108

Security Advisory Description CVE-2021-0193 Improper authentication in the IntelR In-Band Manageability software before version 2.13.0 may allow a privileged user to potentially enable escalation of privilege via network access. CVE-2021-0194 Improper access control in the IntelR In-Band...

7.2CVSS7AI score0.00913EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 8:0 p.m.•79 views

K05380109: Bootstrap vulnerability CVE-2018-14041

Security Advisory Description In Bootstrap before 4.1.2, XSS is possible in the data-target property of scrollspy. CVE-2018-14041 Impact An attacker may exploit this vulnerability to perform a cross-site scripting XSS attack. Security Advisory Status F5 Product Development has assigned ID 767373...

6.1CVSS6.4AI score0.04293EPSS
Exploits1Affected Software14
F5 Networks
F5 Networks
•added 2023/02/21 7:58 p.m.•79 views

K27110515: Open SSL vulnerability CVE-2001-1141

Security Advisory Description The Pseudo-Random Number Generator PRNG in SSLeay and OpenSSL before 0.9.6b allows attackers to use the output of small PRNG requests to determine the internal state information, which could be used by attackers to predict future pseudo-random numbers. CVE-2001-1141...

5CVSS6.6AI score0.04988EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:57 p.m.•79 views

K10771536: MySQL vulnerabilities CVE-2017-3309, CVE-2017-3453, and CVE-2019-2974

Security Advisory Description CVE-2017-3309 Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Optimizer. Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows low privileged...

7.7CVSS6.3AI score0.03726EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:57 p.m.•79 views

K21665601: OpenSSL vulnerability CVE-2018-0732

Security Advisory Description During key agreement in a TLS handshake using a DHE based ciphersuite a malicious server can send a very large prime value to the client. This will cause the client to spend an unreasonably long period of time generating a key for this prime resulting in a hang until...

7.5CVSS6.7AI score0.49268EPSS
Exploits0Affected Software19
F5 Networks
F5 Networks
•added 2023/02/21 7:57 p.m.•79 views

K20623215: Apache mod_cache_socache vulnerability CVE-2018-1303

Security Advisory Description A specially crafted HTTP request header could have crashed the Apache HTTP Server prior to version 2.4.30 due to an out of bound read while preparing data to be cached in shared memory. It could be used as a Denial of Service attack against users of modcachesocache...

7.5CVSS7.8AI score0.70783EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:57 p.m.•79 views

K75543432: PHP vulnerability CVE-2017-11628

Security Advisory Description In PHP before 5.6.31, 7.x before 7.0.21, and 7.1.x before 7.1.7, a stack-based buffer overflow in the zendinidoop function in Zend/zendiniparser.c could cause a denial of service or potentially allow executing code. NOTE: this is only relevant for PHP applications th...

7.8CVSS8.3AI score0.03365EPSS
Exploits0Affected Software13
F5 Networks
F5 Networks
•added 2023/02/21 7:28 p.m.•79 views

K14638: TLS/SSL RC4 vulnerability CVE-2013-2566

Security Advisory Description The RC4 algorithm, as used in the TLS protocol and SSL protocol, has many single-byte biases, which makes it easier for remote attackers to conduct plaintext-recovery attacks via statistical analysis of ciphertext in a large number of sessions that use the same...

5.9CVSS7.5AI score0.84424EPSS
Exploits0Affected Software20
F5 Networks
F5 Networks
•added 2023/02/21 6:59 p.m.•79 views

K3144: Apache mod_alias buffer overflow vulnerability CAN-2003-0542

Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...

7.2CVSS7.6AI score0.1273EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:54 p.m.•79 views

K31300402: Virtual Machine Manager L1 Terminal Fault vulnerability CVE-2018-3646

Security Advisory Description Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS privilege via a terminal page fault and a...

5.6CVSS7.8AI score0.08101EPSS
Exploits0Affected Software19
F5 Networks
F5 Networks
•added 2023/02/21 6:53 p.m.•79 views

K55423848: CGI.pm and CGI::Simple vulnerabilities CVE-2010-2761 and CVE-2010-4410

Security Advisory Description CVE-2010-2761 The multipartinit function in 1 CGI.pm before 3.50 and 2 Simple.pm in CGI::Simple 1.112 and earlier uses a hardcoded value of the MIME boundary string in multipart/x-mixed-replace content, which allows remote attackers to inject arbitrary HTTP headers a...

4.3CVSS9.1AI score0.02713EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:53 p.m.•79 views

K10515241: Linux kernel vulnerabilities CVE-2016-1583 and CVE-2016-2143

Security Advisory Description CVE-2016-1583 The ecryptfsprivilegedopen function in fs/ecryptfs/kthread.c in the Linux kernel before 4.6.3 allows local users to gain privileges or cause a denial of service stack memory consumption via vectors involving crafted mmap calls for /proc pathnames, leadi...

7.8CVSS7AI score0.01393EPSS
Exploits2
Total number of security vulnerabilities5000