Lucene search
K

6401 matches found

F5 Networks
F5 Networks
•added 2015/07/22 12:0 a.m.•60 views

SOL16983 - PCRE library vulnerability CVE-2015-2325

Although the BIG-IP/BIG-IQ/Enterprise Manager software contains the vulnerable code, BIG-IP/BIG-IQ/Enterprise Manager does not use the vulnerable code in a way that exposes the vulnerability. An attacker must have local access to BIG-IP/BIG-IQ/Enterprise Manager to trigger an exploit, which the...

7.8CVSS1.3AI score0.01575EPSS
Exploits1References9
F5 Networks
F5 Networks
•added 2015/07/01 12:0 a.m.•60 views

SOL16833 - Linux vulnerability CVE-2014-7826

kernel/trace/tracesyscalls.c in the Linux kernel through 3.17.2 does not properly handle private syscall numbers during use of the ftrace subsystem, which allows local users to gain privileges or cause a denial of service invalid pointer dereference via a crafted application. CVE-2014-7826...

7.8CVSS5.9AI score0.00589EPSS
Exploits1References3
F5 Networks
F5 Networks
•added 2014/09/05 12:0 a.m.•60 views

SOL15568 - OpenSSL vulnerability CVE-2014-3510

Recommended Action You can eliminate this vulnerability by running a version listed in the Versions known to be not vulnerable column in the previous table. If the Versions known to be not vulnerable column does not list a version that is later than the version you are running, then no upgrade...

4.3CVSS1.6AI score0.16946EPSS
Exploits0References5
F5 Networks
F5 Networks
•added 2014/04/03 12:0 a.m.•60 views

SOL15133 - BIND vulnerability CVE-2014-0591

Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents. SOL4602: Overview of the F5 security vulnerability response policy...

2.6CVSS3.7AI score0.31671EPSS
Exploits1References3
F5 Networks
F5 Networks
•added 2011/12/28 12:0 a.m.•60 views

SOL13277 - Apache vulnerability CVE-2009-2412

Recommended action ARX To eliminate this vulnerability, upgrade to a version that is listed in the Versions known to be not vulnerable column of the table. To mitigate this vulnerability, do not enable access to the ARX management API. Supplemental Information Note: The previous link takes you to...

10CVSS7.3AI score0.13781EPSS
Exploits2
F5 Networks
F5 Networks
•added 2011/09/16 12:0 a.m.•60 views

SOL13108 - TCP Packet Filtering Weakness - CERT VU # 464113

This security advisory describes a TCP vulnerability. Various vendors' TCP/IP implementations handle packets containing unusual flag combinations in different ways, which may lead to a violation of implicit or explicit security policies. For example, an attacker may be able to bypass network acce...

0.6AI score
Exploits0
F5 Networks
F5 Networks
•added 2009/04/21 12:0 a.m.•60 views

SOL9988 - libpng vulnerability CVE-2009-0040

Description The PNG reference library libpng, as used in pngcrush and other applications, allows context-dependent attackers to cause a denial of service application crash or possibly execute arbitrary code by way of a crafted PNG file. Information about this advisory is available at the followin...

6.8CVSS8.9AI score0.04825EPSS
Exploits2
F5 Networks
F5 Networks
•added 2007/09/15 12:0 a.m.•60 views

SOL7923 - Cross-site scripting vulnerability in the logon page after enabling a pre-logon sequence - CVE-2007-6704

A cross-site scripting XSS vulnerability—CVE-2007-6704—exists in the FirePass logon page when a pre-logon sequence is enabled. The affected FirePass URL fails to fully sanitize URL input before the web page content is sent to the browser. It is possible for an attacker to create web pages,...

2.6CVSS5.8AI score0.05923EPSS
Exploits1
F5 Networks
F5 Networks
•added 2024/10/10 2:40 a.m.•59 views

K000141402: SQLite vulnerabilities CVE-2018-20506, CVE-2018-20505, CVE-2018-20346, CVE-2015-5895, CVE-2015-3717

Security Advisory Description CVE-2018-20506 SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow and resultant buffer overflow for FTS3 queries in a "merge" operation that occurs after crafted changes to FTS3 shadow tables, allowing remote attackers to execute...

10CVSS8.1AI score0.09683EPSS
Exploits2
F5 Networks
F5 Networks
•added 2023/02/21 8:2 p.m.•59 views

K15217245: Oracle Java SE vulnerability CVE-2018-2815

Security Advisory Description Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Serialization. Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability...

5.3CVSS4.2AI score0.04816EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 8:2 p.m.•59 views

K86772626: OpenSSL vulnerability CVE-2015-3194

Security Advisory Description crypto/rsa/rsaameth.c in OpenSSL 1.0.1 before 1.0.1q and 1.0.2 before 1.0.2e allows remote attackers to cause a denial of service NULL pointer dereference and application crash via an RSA PSS ASN.1 signature that lacks a mask generation function parameter...

7.5CVSS7.6AI score0.44016EPSS
Exploits1Affected Software17
F5 Networks
F5 Networks
•added 2023/02/21 8:2 p.m.•59 views

K30714460: OpenSSL vulnerability CVE-2015-3193

Security Advisory Description The Montgomery squaring implementation in crypto/bn/asm/x8664-mont5.pl in OpenSSL 1.0.2 before 1.0.2e on the x8664 platform, as used by the BNmodexp function, mishandles carry propagation and produces incorrect output, which makes it easier for remote attackers to...

7.5CVSS7.3AI score0.25137EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 8:2 p.m.•59 views

K59010802: Multiple MySQL vulnerabilities

Security Advisory Description CVE-2015-4730 Unspecified vulnerability in Oracle MySQL 5.6.20 and earlier allows remote authenticated users to affect availability via unknown vectors related to Types. CVE-2015-4792 Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and...

7.2CVSS7.6AI score0.30146EPSS
Exploits6Affected Software15
F5 Networks
F5 Networks
•added 2023/02/21 8:2 p.m.•59 views

K16965: bzip2 vulnerabilities CVE-2005-0953 and CVE-2005-1260

Security Advisory Description CVE-2005-0953 Race condition in bzip2 1.0.2 and earlier allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by bzip2 after the decompression is complete...

5CVSS6.3AI score0.06152EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 8:1 p.m.•59 views

K06208063: Linux kernel vulnerability CVE-2018-1000004

Security Advisory Description In the Linux kernel 4.12, 3.10, 2.6 and possibly earlier versions a race condition vulnerability exists in the sound system, this can lead to a deadlock and denial of service condition. CVE-2018-1000004 Impact There is no impact; F5 products are not affected by this...

7.1CVSS6.1AI score0.03543EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 7:59 p.m.•59 views

K37046163: Kernel vulnerability CVE-2016-6480

Security Advisory Description Race condition in the ioctlsendfib function in drivers/scsi/aacraid/commctrl.c in the Linux kernel through 4.7 allows local users to cause a denial of service out-of-bounds access or system crash by changing a certain size value, aka a "double fetch" vulnerability...

5.1CVSS5.9AI score0.00339EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:58 p.m.•59 views

K69488451: Multiple QEMU vulnerabilities CVE-2020-13791, CVE-2020-13800, CVE-2020-15469, CVE-2020-15859, and CVE-2020-15863

Security Advisory Description CVE-2020-13791 hw/pci/pci.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access by providing an address near the end of the PCI configuration space. CVE-2020-13800 ati-vga in hw/display/ati.c in QEMU 4.2.0 allows guest OS users to trigger infinite...

6CVSS7.2AI score0.00486EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 7:57 p.m.•59 views

K54811521: Linux kernel vulnerabilities CVE-2019-14815, CVE-2019-14895, CVE-2019-14901, CVE-2019-19055

Security Advisory Description CVE-2019-14815 A vulnerability was found in Linux Kernel, where a Heap Overflow was found in mwifiexsetwmmparams function of Marvell Wifi Driver. CVE-2019-14895 A heap-based buffer overflow was discovered in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18....

10CVSS7.7AI score0.16908EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:56 p.m.•59 views

K51201255: Linux kernel vulnerability CVE-2016-7117

Security Advisory Description Use-after-free vulnerability in the sysrecvmmsg function in net/socket.c in the Linux kernel before 4.5.2 allows remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing. CVE-2016-7117 Impact...

10CVSS7.3AI score0.24299EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 7:56 p.m.•59 views

K62282045: Linux kernel vulnerability CVE-2021-38207

Security Advisory Description drivers/net/ethernet/xilinx/lltemacmain.c in the Linux kernel before 5.12.13 allows remote attackers to cause a denial of service buffer overflow and lockup by sending heavy network traffic for about ten minutes. CVE-2021-38207 Impact There is no impact; F5 products...

7.5CVSS6.3AI score0.03354EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:56 p.m.•59 views

K21458044: Linux kernel vulnerability CVE-2020-10942

Security Advisory Description In the Linux kernel before 5.5.8, getrawsocket in drivers/vhost/net.c lacks validation of an skfamily field, which might allow attackers to trigger kernel stack corruption via crafted system calls. CVE-2020-10942 Impact There is no impact; F5 products are not affecte...

5.4CVSS6.2AI score0.00962EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 7:56 p.m.•59 views

K14086714: BIND vulnerability CVE-2022-1183

Security Advisory Description On vulnerable configurations, the named daemon may, in some circumstances, terminate with an assertion failure. Vulnerable configurations are those that include a reference to http within the listen-on statements in their named.conf. TLS is used by both DNS over TLS...

7.5CVSS7.4AI score0.06394EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:56 p.m.•59 views

K09422508: OpenSSL vulnerabilities CVE-2016-6307 and CVE-2016-6308

Security Advisory Description CVE-2016-6307 The state-machine implementation in OpenSSL 1.1.0 before 1.1.0a allocates memory before checking for an excessive length, which might allow remote attackers to cause a denial of service memory consumption via crafted TLS messages, related to...

7.1CVSS7.5AI score0.14067EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:55 p.m.•59 views

K95003704: Java SE vulnerability CVE-2018-3183

Security Advisory Description Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Scripting. Supported versions that are affected are Java SE: 8u182 and 11; Java SE Embedded: 8u181; JRockit: R28.3.19. Difficult to exploit vulnerability allows...

9CVSS7.7AI score0.02815EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:55 p.m.•59 views

K51801290: RSRE Variant 3a vulnerability CVE-2018-3640

Security Advisory Description Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis, aka Rogue System Register Rea...

5.6CVSS5.7AI score0.07556EPSS
Exploits0Affected Software18
F5 Networks
F5 Networks
•added 2023/02/21 7:54 p.m.•59 views

K13322484: libssh2 vulnerability CVE-2019-13115

Security Advisory Description In libssh2 before 1.9.0, kexmethoddiffiehellmangroupexchangesha256keyexchange in kex.c has an integer overflow that could lead to an out-of-bounds read in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to disclose...

8.1CVSS8.5AI score0.11659EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 7:53 p.m.•59 views

K07052904: PHP vulnerability CVE-2015-3307

Security Advisory Description The pharparsemetadata function in ext/phar/phar.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to cause a denial of service heap metadata corruption or possibly have unspecified other impact via a crafted tar archive...

7.5CVSS7.4AI score0.07697EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 7:51 p.m.•59 views

K84310302: Linux kernel vulnerability CVE-2019-12456

Security Advisory Description DISPUTED An issue was discovered in the MPT3COMMAND case in ctlioctlmain in drivers/scsi/mpt3sas/mpt3sasctl.c in the Linux kernel through 5.1.5. It allows local users to cause a denial of service or possibly have unspecified other impact by changing the value of...

7.8CVSS7.5AI score0.00406EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:51 p.m.•59 views

K13219: DHCP Client vulnerability CVE-2011-0997

Security Advisory Description The ISC Dynamic Host Configuration Protocol DHCP client, dhclient , in versions 3.0.x through 4.2.x before 4.2.1-P1, 3.1-ESV before 3.1-ESV-R1, and 4.1-ESV before 4.1-ESV-R2 allows remote attackers to execute arbitrary commands by way of shell metacharacters in a...

7.1AI score
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:42 p.m.•59 views

K21125762: The BIG-IP CFE logs sensitive Azure storage account credentials

Security Advisory Description The BIG-IP Cloud Failover Extension CFE logs sensitive Azure storage account credentials in /var/log/restnoded/restnoded.log. This issue occurs when all of the following conditions are met: You configure the CFE to provide failover functionality for your BIG-IP syste...

6.9AI score
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:27 p.m.•59 views

K8077: BIND 8 vulnerability CVE-2007-2930

Security Advisory Description Note : Versions that are not listed in this Solution have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the ...

4.3CVSS6.5AI score0.07585EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:5 p.m.•59 views

K34341852: Apache Tomcat 6.x vulnerability CVE-2015-5345

Security Advisory Description The Mapper component in Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.67, 8.x before 8.0.30, and 9.x before 9.0.0.M2 processes redirects before considering security constraints and Filters, which allows remote attackers to determine the existence of a directory via...

5.3CVSS6.8AI score0.1838EPSS
Exploits0Affected Software17
F5 Networks
F5 Networks
•added 2023/02/21 7:4 p.m.•59 views

K6623: OpenSSL signature vulnerability - CVE-2006-4339

Security Advisory Description Note : For information about signing up to receive security notice updates from F5, refer to K9970: Subscribe to email notifications regarding F5 products and security announcements. Note : Versions that are not listed in this Solution have not been evaluated for...

4.3CVSS7.7AI score0.04894EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•59 views

K55354030: OpenJDK vulnerabilities CVE-2021-2341, CVE-2021-2369, CVE-2021-2388, CVE-2021-2432

Security Advisory Description CVE-2021-2341 Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Networking. Supported versions that are affected are Java SE: 7u301, 8u291, 11.0.11, 16.0.1; Oracle GraalVM Enterprise Edition: 20.3.2 and 21.1.0...

7.5CVSS5.6AI score0.04238EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•59 views

K37080719: NGINX Instance Manager vulnerability CVE-2022-35241

Security Advisory Description When NGINX Instance Manager is in use, undisclosed requests can cause an increase in disk resource utilization. CVE-2022-35241 Impact System performance can degrade until system inodes become free. This vulnerability allows a remote, authenticated attacker to cause a...

6.5CVSS6.3AI score0.00658EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 6:59 p.m.•59 views

K01512680: Linux kernel vulnerability CVE-2019-11811

Security Advisory Description An issue was discovered in the Linux kernel before 5.0.4. There is a use-after-free upon attempted read access to /proc/ioports after the ipmisi module is removed, related to drivers/char/ipmi/ipmisiintf.c, drivers/char/ipmi/ipmisimemio.c, and...

7CVSS6.5AI score0.00451EPSS
Exploits0Affected Software13
F5 Networks
F5 Networks
•added 2023/02/21 6:59 p.m.•59 views

K16321: OpenSSL vulnerability CVE-2015-0293

Security Advisory Description The SSLv2 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a allows remote attackers to cause a denial of service s2lib.c assertion failure and daemon exit via a crafted CLIENT-MASTER-KEY message. CVE-2015-0293...

5CVSS6.7AI score0.21247EPSS
Exploits0Affected Software20
F5 Networks
F5 Networks
•added 2023/02/21 6:55 p.m.•59 views

K11936401: Java SE vulnerability CVE-2017-10102

Security Advisory Description Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: RMI. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Difficult to exploit vulnerability allows unauthenticated attacker with...

9CVSS7.9AI score0.02971EPSS
Exploits0Affected Software9
F5 Networks
F5 Networks
•added 2023/02/21 6:55 p.m.•59 views

K42117350: Intel-SA-00213: Intel CSME, Intel SPS, Intel TXE, Intel DAL, and Intel AMT vulnerabilities

Security Advisory Description In May 2019, Intel announced the discovery of multiple vulnerabilities with Intel technology. To review Intel-SA-00213, the complete announcement, refer to the following link: Intel CSME, Intel SPS, Intel TXE, Intel DAL, and Intel AMT 2019.1 QSR Advisory Note : The...

9.8CVSS6.6AI score0.01864EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:54 p.m.•59 views

K53084033: OpenSSL vulnerability CVE-2016-2178

Security Advisory Description The dsasignsetup function in crypto/dsa/dsaossl.c in OpenSSL through 1.0.2h does not properly ensure the use of constant-time operations, which makes it easier for local users to discover a DSA private key via a timing side-channel attack. CVE-2016-2178 Impact An...

5.5CVSS7.3AI score0.01174EPSS
Exploits1Affected Software26
F5 Networks
F5 Networks
•added 2023/02/21 6:54 p.m.•59 views

K03009991: iControl REST unauthenticated remote command execution vulnerability CVE-2021-22986

Security Advisory Description The iControl REST interface has an unauthenticated remote command execution vulnerability. CVE-2021-22986 Impact This vulnerability allows for unauthenticated attackers with network access to the iControl REST interface, through the BIG-IP management interface and se...

10CVSS8.8AI score0.99898EPSS
Exploits20Affected Software15
F5 Networks
F5 Networks
•added 2023/02/21 6:54 p.m.•59 views

K34239812: Libexpat vulnerability CVE-2019-15903

Security Advisory Description In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XMLGetCurrentLineNumber or XMLGetCurrentColumnNumber then resulted in a heap-based buffer over-read. CVE-2019-15903...

7.5CVSS7.7AI score0.06707EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 6:54 p.m.•59 views

K15605622: MySQL vulnerability CVE-2016-6664

Security Advisory Description mysqldsafe in Oracle MySQL through 5.5.51, 5.6.x through 5.6.32, and 5.7.x through 5.7.14; MariaDB; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0, 5.6.x before 5.6.32-25.17, and...

7CVSS7.1AI score0.0308EPSS
Exploits10
F5 Networks
F5 Networks
•added 2023/02/21 6:53 p.m.•59 views

K45213552: cups-filters vulnerabilities CVE-2015-8327 and CVE-2015-8560

Security Advisory Description CVE-2015-8327 Incomplete blacklist vulnerability in util.c in foomatic-rip in cups-filters 1.0.42 before 1.2.0 and in foomatic-filters in Foomatic 4.0.x allows remote attackers to execute arbitrary commands via backtick characters in a print job. CVE-2015-8560...

7.5CVSS8AI score0.10171EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:47 p.m.•59 views

K04253390: Apache Xerces vulnerability CVE-2016-2099

Security Advisory Description Use-after-free vulnerability in validators/DTD/DTDScanner.cpp in Apache Xerces C++ 3.1.3 and earlier does not properly handle exceptions raised in the XMLReader class, which allows context-dependent attackers to have unspecified impact via an invalid character in an...

10CVSS9.4AI score0.06781EPSS
Exploits0Affected Software5
F5 Networks
F5 Networks
•added 2023/02/21 6:47 p.m.•59 views

K05441360: Oracle Java SE vulnerability CVE-2018-2797

Security Advisory Description Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: JMX. Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows...

5.3CVSS4.3AI score0.078EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:47 p.m.•59 views

K76295179: Linux kernel vulnerability CVE-2019-15099

Security Advisory Description drivers/net/wireless/ath/ath10k/usb.c in the Linux kernel through 5.2.8 has a NULL pointer dereference via an incomplete address in an endpoint descriptor. CVE-2019-15099 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory...

7.8CVSS6.3AI score0.03771EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:47 p.m.•59 views

K04623854: Apache Tomcat vulnerability CVE-2018-1304

Security Advisory Description The URL pattern of "" the empty string which exactly maps to the context root was not correctly handled in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 when used as part of a security constraint definition. This caused the...

5.9CVSS6.6AI score0.17378EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:46 p.m.•59 views

K01988340: HTTP/2 Reset Flood vulnerability CVE-2019-9514

Security Advisory Description Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RSTSTREAM frames from the peer. Depending on...

7.8CVSS8.1AI score0.82813EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 6:46 p.m.•59 views

K80311892: InfoZIP vulnerability CVE-2019-13232

Security Advisory Description Info-ZIP UnZip 6.0 mishandles the overlapping of files inside a ZIP container, leading to denial of service resource consumption, aka a "better zip bomb" issue. CVE-2019-13232 Impact Local users with administrative access to the BIG-IP Advanced Shell bash may be able...

3.3CVSS6.5AI score0.00495EPSS
Exploits0Affected Software16
Total number of security vulnerabilities5000