Lucene search
K

6396 matches found

F5 Networks
F5 Networks
•added 2023/02/21 6:54 p.m.•67 views

K04367730: FRF.16 parser vulnerability CVE-2018-14468

Security Advisory Description The FRF.16 parser in tcpdump before 4.9.3 has a buffer over-read in print-fr.c:mfrprint. CVE-2018-14468 Impact When tcpdump is active and configured to parse FRF.16 traffic, certain traffic patterns may trigger a crash or other unexpected behavior of the tcpdump...

7.5CVSS6.6AI score0.03985EPSS
Exploits0Affected Software17
F5 Networks
F5 Networks
•added 2023/02/21 6:54 p.m.•67 views

K08006936: Apache Commons Configuration vulnerability CVE-2022-33980

Security Advisory Description Apache Commons Configuration performs variable interpolation, allowing properties to be dynamically evaluated and expanded. The standard format for interpolation is "$prefix:name", where "prefix" is used to locate an instance of...

9.8CVSS8.4AI score0.42646EPSS
Exploits3
F5 Networks
F5 Networks
•added 2023/02/21 6:54 p.m.•67 views

K51025656: Linux kernel vulnerability CVE-2016-10229

Security Advisory Description udp.c in the Linux kernel before 4.5 allows remote attackers to execute arbitrary code via UDP traffic that triggers an unsafe second checksum calculation during execution of a recv system call with the MSGPEEK flag. CVE-2016-10229 Impact There is no impact; F5...

10CVSS8.2AI score0.12791EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 6:54 p.m.•67 views

K35421172: Excess resource consumption due to low MSS values vulnerability CVE-2019-11479

Security Advisory Description Jonathan Looney discovered that the Linux kernel default MSS is hard-coded to 48 bytes. This allows a remote peer to fragment TCP resend queues significantly more than if a larger MSS were enforced. A remote attacker could use this to cause a denial of service. This...

7.5CVSS6.6AI score0.9166EPSS
Exploits1Affected Software17
F5 Networks
F5 Networks
•added 2023/02/21 6:53 p.m.•67 views

K17011311: NodeJS vulnerability CVE-2022-35256

Security Advisory Description The llhttp parser in the http module in Node v18.7.0 does not correctly handle header fields that are not terminated with CLRF. This may result in HTTP Request Smuggling. CVE-2022-35256 Impact There is no impact; F5 products are not affected by this vulnerability...

6.5CVSS7.5AI score0.02587EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 6:47 p.m.•67 views

K09604370: Linux kernel vulnerability CVE-2020-25705

Security Advisory Description A flaw in the way reply ICMP packets are limited in the Linux kernel functionality was found that allows to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypassing source port UDP randomization. The highest threat from this...

7.4CVSS7AI score0.06692EPSS
Exploits1Affected Software15
F5 Networks
F5 Networks
•added 2023/02/21 6:47 p.m.•67 views

K86005324: Samba vulnerability CVE-2016-2124

Security Advisory Description A flaw was found in the way samba implemented SMB1 authentication. An attacker could use this flaw to retrieve the plaintext password sent over the wire even if Kerberos authentication was required. CVE-2016-2124 Impact There is no impact; F5 products are not affecte...

5.9CVSS6.7AI score0.01752EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:46 p.m.•67 views

K44270253: OpenJDK vulnerabilities CVE-2022-21291, CVE-2022-21293, CVE-2022-21294, CVE-2022-21296, and CVE-2022-21299

Security Advisory Description CVE-2022-21291 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.01; Oracle GraalVM Enterprise Edition: 20.3.4 and...

5.3CVSS4.4AI score0.08346EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:35 p.m.•67 views

K35520031: BIG-IP virtual server with HTTP Explicit Proxy and/or SOCKS vulnerability CVE-2016-5700

Security Advisory Description BIG-IP virtual servers with a configuration using the HTTP Explicit Proxy functionality and/or SOCKS profile are vulnerable to an unauthenticated, remote attack that allows modification of BIG-IP system configuration, extraction of sensitive system files, and/or...

9.8CVSS9.5AI score0.06422EPSS
Exploits0Affected Software8
F5 Networks
F5 Networks
•added 2023/02/21 6:35 p.m.•67 views

K49711130: OpenSSL and Intel processor SMT side-channel vulnerability (PortSmash) CVE-2018-5407

Security Advisory Description Simultaneous Multi-threading SMT in processors can enable local users to exploit software vulnerable to timing attacks via a side-channel timing attack on 'port contention.' CVE-2018-5407 also known as PortSmash Impact The vulnerability allows an attacker who can...

4.7CVSS6.6AI score0.03418EPSS
Exploits4Affected Software17
F5 Networks
F5 Networks
•added 2023/02/21 6:34 p.m.•67 views

K56142644: Appliance mode Advanced WAF/ASM TMUI authenticated remote command execution vulnerability CVE-2021-22989

Security Advisory Description When running in Appliance mode with Advanced WAF or ASM provisioned, the Traffic Management User Interface TMUI, also referred to as the Configuration utility, has an authenticated remote command execution vulnerability in undisclosed pages. CVE-2021-22989 Note : For...

9.1CVSS7.2AI score0.08838EPSS
Exploits1Affected Software2
F5 Networks
F5 Networks
•added 2023/02/21 6:34 p.m.•67 views

K32592426: Linux kernel vulnerability CVE-2019-15538

Security Advisory Description An issue was discovered in xfssetattrnonsize in fs/xfs/xfsiops.c in the Linux kernel through 5.2.9. XFS partially wedges when a chgrp fails on account of being out of disk quota. xfssetattrnonsize is failing to unlock the ILOCK after the xfsqmvopchownreserve call...

7.8CVSS6.2AI score0.03916EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:33 p.m.•67 views

K41913011: Java SE vulnerabilities CVE-2019-2973 and CVE-2019-2981

Security Advisory Description CVE-2019-2973 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: JAXP. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated...

4.3CVSS5AI score0.03749EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:33 p.m.•67 views

K52828640: libcurl vulnerability CVE-2016-8616

Security Advisory Description A flaw was found in curl before version 7.51.0 When re-using a connection, curl was doing case insensitive comparisons of user name and password with the existing connections. This means that if an unused connection with proper credentials exists for a protocol that...

5.9CVSS7.3AI score0.03472EPSS
Exploits0Affected Software24
F5 Networks
F5 Networks
•added 2023/02/21 6:7 p.m.•67 views

K14200143: Linux kernel vulnerability CVE-2019-19058

Security Advisory Description A memory leak in the allocsgtable function in drivers/net/wireless/intel/iwlwifi/fw/dbg.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service memory consumption by triggering allocpage failures, aka CID-b4b814fec1a5. CVE-2019-19058 Impact...

4.7CVSS6.1AI score0.00373EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:7 p.m.•67 views

K74251611: Linux kernel vulnerability CVE-2021-38166

Security Advisory Description In kernel/bpf/hashtab.c in the Linux kernel through 5.13.8, there is an integer overflow and out-of-bounds write when many elements are placed in a single bucket. NOTE: exploitation might be impractical without the CAPSYSADMIN capability. CVE-2021-38166 Impact An...

7.8CVSS7.2AI score0.0032EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 6:7 p.m.•67 views

K53252134: Intel BIOS vulnerability CVE-2021-0155

Security Advisory Description Unchecked return value in the BIOS firmware for some IntelR Processors may allow a privileged user to potentially enable information disclosure via local access. CVE-2021-0155 Impact A local attacker logged-in as a privileged user can exploit the vulnerability to gai...

5.5CVSS5.1AI score0.00257EPSS
Exploits0Affected Software13
F5 Networks
F5 Networks
•added 2022/12/19 7:39 p.m.•67 views

K80513384: Apache HTTPD vulnerability CVE-2016-5387

Security Advisory Description The Apache HTTP Server through 2.4.23 follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTPPROXY environment variable, which might allow remote attackers to redirect an application's outboun...

8.1CVSS6.8AI score0.55724EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2016/11/18 12:0 a.m.•67 views

SOL32460441 - OpenSSL vulnerabilities CVE-2016-7053 and CVE-2016-7054

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...

7.5CVSS2.6AI score0.32389EPSS
Exploits3References4
F5 Networks
F5 Networks
•added 2016/10/31 12:0 a.m.•67 views

SOL23512141 - OpenSSL vulnerability CVE-2016-2179

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

7.5CVSS2.1AI score0.26559EPSS
Exploits1References4
F5 Networks
F5 Networks
•added 2016/10/13 12:0 a.m.•67 views

SOL95432245 - PHP vulnerability CVE-2016-5768

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

9.8CVSS1.7AI score0.0963EPSS
Exploits1References4
F5 Networks
F5 Networks
•added 2016/05/10 12:0 a.m.•67 views

SOL75248350 - QEMU vulnerability CVE-2016-1714

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

8.1CVSS2.4AI score0.06085EPSS
Exploits0References4
F5 Networks
F5 Networks
•added 2016/05/10 12:0 a.m.•67 views

SOL79401162 - Samba vulnerabilities CVE-2016-2111, CVE-2016-2113, and CVE-2016-2114

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...

7.4CVSS2.9AI score0.18171EPSS
Exploits2References4
F5 Networks
F5 Networks
•added 2015/12/29 12:0 a.m.•67 views

SOL20979231 - Apache vulnerability CVE-2011-3639

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

4.3CVSS1.4AI score0.52531EPSS
Exploits2References12
F5 Networks
F5 Networks
•added 2015/07/28 12:0 a.m.•67 views

SOL16909 - BIND vulnerability CVE-2015-5477

1These versions are vulnerable if a self IP address or management IP address is configured to allow inbound connections on port 53. 2These versions are vulnerable if a DNS profile is configured with the Use BIND Server on BIG-IP option enabled by default. 3These versions are vulnerable if...

7.8CVSS7.9AI score0.91284EPSS
Exploits12References6
F5 Networks
F5 Networks
•added 2015/07/02 12:0 a.m.•67 views

SOL16866 - PowerDNS vulnerabilities CVE-2014-8601 and CVE-2015-1868

CVE-2014-8601 PowerDNS Recursor before 3.6.2 does not limit delegation chaining, which allows remote attackers to cause a denial of service "performance degradations" via a large or infinite number of referrals, as demonstrated by resolving domains hosted by ezdns.it. Â CVE-2015-1868 The label...

7.8CVSS6.6AI score0.81834EPSS
Exploits0References4
F5 Networks
F5 Networks
•added 2015/07/02 12:0 a.m.•67 views

SOL16828 - Apache Tomcat vulnerability CVE-2005-2090

Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version...

4.3CVSS0.9AI score0.29784EPSS
Exploits4References6
F5 Networks
F5 Networks
•added 2015/04/21 12:0 a.m.•67 views

SOL16475 - Multiple Sun Java vulnerabilities

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy...

10CVSS3.3AI score0.16899EPSS
Exploits3References3
F5 Networks
F5 Networks
•added 2008/04/23 12:0 a.m.•67 views

SOL8578 - Security Advisory: BIND buffer overflow in inet_network CVE-2008-0122

An off-by-one error in the inetnetwork function in libbind could lead to memory corruption with certain inputs. libbind has a vulnerability in the inetnetwork API. However, this API is not used by any F5 products that use the affected version of BIND. Information about this advisory is available ...

10CVSS7AI score0.123EPSS
Exploits1
F5 Networks
F5 Networks
•added 2007/05/16 12:0 a.m.•67 views

SOL4743 - Inadequate validation for TCP segments CVE-2005-0356

Multiple TCP implementations with Protection Against Wrapped Sequence Numbers PAWS with the timestamps option enabled allow remote attackers to cause a denial of service connection loss via a spoofed packet with a large timer value, which causes the host to discard later packets because they appe...

5CVSS6.1AI score0.83284EPSS
Exploits1
F5 Networks
F5 Networks
•added 2005/10/01 12:0 a.m.•67 views

SOL1648 - OpenSSH array overflow - CAN-2002-0083

Note: By default, BIG-IP and 3-DNS do not have non-root accounts so this vulnerability is not a significant issue for F5 Networks customers. This vulnerability requires that the user already be authenticated on the BIG-IP system in order to assume root access...

10CVSS5AI score0.14804EPSS
Exploits0
F5 Networks
F5 Networks
•added 2024/05/24 10:11 p.m.•66 views

K000139525: Libexpat vulnerability CVE-2022-43680

Security Advisory Description In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XMLExternalEntityParserCreate in out-of-memory situations. CVE-2022-43680 Impact System performance degradation can occur until the process is forced to restart...

7.5CVSS8AI score0.0226EPSS
Exploits1Affected Software6
F5 Networks
F5 Networks
•added 2024/05/24 5:8 p.m.•66 views

K000139764: Apache HTTPD vulnerability CVE-2023-38709

Security Advisory Description Faulty input validation in the core of Apache allows malicious or exploitable backend/content generators to split HTTP responses. This issue affects Apache HTTP Server: through 2.4.58. CVE-2023-38709 Impact This vulnerability allows malicious or exploitable...

7.3CVSS7.3AI score0.03914EPSS
Exploits0Affected Software15
F5 Networks
F5 Networks
•added 2024/04/09 2:53 a.m.•66 views

K000139218: CVE-2024-22243 Spring Framework vulnerability

Security Advisory Description Applications that use UriComponentsBuilder to parse an externally provided URL e.g. through a query parameter AND perform validation checks on the host of the parsed URL may be vulnerable to a open redirect https://cwe.mitre.org/data/definitions/601.html attack or to...

8.1CVSS6.4AI score0.03967EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 8:0 p.m.•66 views

K42332834: NTP vulnerability CVE-2018-12327

Security Advisory Description Stack-based buffer overflow in ntpq and ntpdc of NTP version 4.2.8p11 allows an attacker to achieve code execution or escalate to higher privileges via a long string as the argument for an IPv4 or IPv6 command-line parameter. NOTE: It is unclear whether there are any...

9.8CVSS8.7AI score0.29037EPSS
Exploits5
F5 Networks
F5 Networks
•added 2023/02/21 8:0 p.m.•66 views

K82112489: GNOME GLib vulnerability CVE-2021-27219

Security Advisory Description An issue was discovered in GNOME GLib before 2.66.6 and 2.67.x before 2.67.3. The function gbytesnew has an integer overflow on 64-bit platforms due to an implicit cast from 64 bits to 32 bits. The overflow could potentially lead to memory corruption. CVE-2021-27219...

7.5CVSS8AI score0.02993EPSS
Exploits1Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 7:56 p.m.•66 views

K04755144: Multiple QEMU vulnerabilities

Security Advisory Description CVE-2015-8613 Stack-based buffer overflow in the megasasctrlgetinfo function in QEMU, when built with SCSI MegaRAID SAS HBA emulation support, allows local guest users to cause a denial of service QEMU instance crash via a crafted SCSI controller CTRLGETINFO command...

7.5CVSS7.3AI score0.03897EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:54 p.m.•66 views

K17848347: Oracle Java vulnerabilities CVE-2019-2422, CVE-2019-2449, and CVE-2019-2540

Security Advisory Description CVE-2019-2422 Vulnerability in the Java SE component of Oracle Java SE subcomponent: Libraries. Supported versions that are affected are Java SE: 7u201, 8u192 and 11.0.1; Java SE Embedded: 8u191. Difficult to exploit vulnerability allows unauthenticated attacker with...

6.1CVSS6.3AI score0.03374EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:39 p.m.•66 views

K38573130: Apache Tomcat vulnerability CVE-2020-13934

Security Advisory Description An h2c direct connection to Apache Tomcat 10.0.0-M1 to 10.0.0-M6, 9.0.0.M5 to 9.0.36 and 8.5.1 to 8.5.56 did not release the HTTP/1.1 processor after the upgrade to HTTP/2. If a sufficient number of such requests were made, an OutOfMemoryException could occur leading...

7.5CVSS8.4AI score0.64124EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:36 p.m.•66 views

K63519101: Multiple QEMU vulnerabilities

Security Advisory Description CVE-2014-8106 Heap-based buffer overflow in the Cirrus VGA emulator hw/display/cirrusvga.c in QEMU before 2.2.0 allows local guest users to execute arbitrary code via vectors related to blit regions. NOTE: this vulnerability exists because an incomplete fix for...

9.3CVSS8.3AI score0.13288EPSS
Exploits1Affected Software14
F5 Networks
F5 Networks
•added 2023/02/21 6:55 p.m.•66 views

K24444803: Node.js vulnerabilities CVE-2015-8860, CVE-2015-8856, CVE-2016-7099, and CVE-2016-5325

Security Advisory Description CVE-2015-8860 The tar package before 2.0.0 for Node.js allows remote attackers to write to arbitrary files via a symlink attack in an archive. CVE-2015-8856 Cross-site scripting XSS vulnerability in the serve-index package before 1.6.3 for Node.js allows remote...

7.5CVSS6.3AI score0.04912EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:54 p.m.•66 views

K05428062: pcregrep in PCRE vulnerability CVE-2015-8393

Security Advisory Description pcregrep in PCRE before 8.38 mishandles the -q option for binary files, which might allow remote attackers to obtain sensitive information via a crafted file, as demonstrated by a CGI script that sends stdout data to a client. CVE-2015-8393 Impact A local,...

7.5CVSS8.3AI score0.04371EPSS
Exploits0Affected Software23
F5 Networks
F5 Networks
•added 2023/02/21 6:54 p.m.•66 views

K68562154: MySQL vulnerability CVE-2005-0004

Security Advisory Description The mysqlaccess script in MySQL 4.0.23 and earlier, 4.1.x before 4.1.10, 5.0.x before 5.0.3, and other versions including 3.x, allows local users to overwrite arbitrary files or read temporary files via a symlink attack on temporary files. CVE-2005-0004 Impact There ...

4.6CVSS6.4AI score0.00594EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:53 p.m.•66 views

K56331254: Apache HTTP server vulnerability CVE-2021-41524

Security Advisory Description While fuzzing the 2.4.49 httpd, a new null pointer dereference was detected during HTTP/2 request processing, allowing an external source to DoS the server. This requires a specially crafted request. The vulnerability was recently introduced in version 2.4.49. No...

7.5CVSS7.7AI score0.24982EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:53 p.m.•66 views

K48523069: System Security Services Daemon vulnerability CVE-2015-5292

Security Advisory Description Memory leak in the Privilege Attribute Certificate PAC responder plugin sssdpacplugin.so in System Security Services Daemon SSSD 1.10 before 1.13.1 allows remote authenticated users to cause a denial of service memory consumption via a large number of logins that...

6.8CVSS7.1AI score0.03666EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:52 p.m.•66 views

K30363030: PHP vulnerability CVE-2016-5771

Security Advisory Description splarray.c in the SPL extension in PHP before 5.5.37 and 5.6.x before 5.6.23 improperly interacts with the unserialize implementation and garbage collection, which allows remote attackers to execute arbitrary code or cause a denial of service use-after-free and...

9.8CVSS8.8AI score0.15484EPSS
Exploits5Affected Software21
F5 Networks
F5 Networks
•added 2023/02/21 6:49 p.m.•66 views

K02613439: Linux kernel vulnerability CVE-2017-9076

Security Advisory Description The dccpv6requestrecvsock function in net/dccp/ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890...

7.8CVSS6.8AI score0.00366EPSS
Exploits1Affected Software18
F5 Networks
F5 Networks
•added 2023/02/21 6:47 p.m.•66 views

K51048910: Eclipse Jetty vulnerability CVE-2021-28169

Security Advisory Description For Eclipse Jetty versions = 9.4.40, = 10.0.2, = 11.0.2, it is possible for requests to the ConcatServlet with a doubly encoded path to access protected resources within the WEB-INF directory. For example a request to /concat?/%2557EB-INF/web.xml can retrieve the...

5.3CVSS7.2AI score0.7848EPSS
Exploits2Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 6:46 p.m.•66 views

K91084571: PHP vulnerability CVE-2015-8873

Security Advisory Description Stack consumption vulnerability in Zend/zendexceptions.c in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 allows remote attackers to cause a denial of service segmentation fault via recursive method calls. CVE-2015-8873 Impact An authenticated...

7.5CVSS9AI score0.03881EPSS
Exploits1Affected Software23
F5 Networks
F5 Networks
•added 2023/02/21 6:34 p.m.•66 views

K12092991: Linux Kernel vulnerability CVE-2020-35519

Security Advisory Description An out-of-bounds OOB memory access flaw was found in x25bind in net/x25/afx25.c in the Linux kernel version v5.12-rc5. A bounds check failure allows a local attacker with a user account on the system to gain access to out-of-bounds memory, leading to a system crash o...

7.8CVSS5.8AI score0.00408EPSS
Exploits0
Total number of security vulnerabilities5000