Lucene search
K

6413 matches found

F5 Networks
F5 Networks
•added 2024/05/16 10:0 p.m.•50 views

K000139641: libxml2 vulnerability CVE-2023-28484

Security Advisory Description In libxml2 before 2.10.4, parsing of certain invalid XSD schemas can lead to a NULL pointer dereference and subsequently a segfault. This occurs in xmlSchemaFixupComplexType in xmlschemas.c. CVE-2023-28484 Impact This vulnerability allows a remote, authenticated...

6.5CVSS6.7AI score0.01086EPSS
Exploits1Affected Software17
F5 Networks
F5 Networks
•added 2024/05/15 12:1 a.m.•50 views

K000139617: MySQL vulnerabilities CVE-2024-21049, CVE-2024-21060, CVE-2024-21061, and CVE-2024-21069

Security Advisory Description CVE-2024-21049 Vulnerability in the MySQL Server product of Oracle MySQL component: Server: DML. Supported versions that are affected are 8.0.34 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to...

4.9CVSS4.7AI score0.00986EPSS
Exploits0
F5 Networks
F5 Networks
•added 2024/05/14 9:14 p.m.•50 views

K000139594: libxml2 vulnerability CVE-2022-40304

Security Advisory Description An issue was discovered in libxml2 before 2.10.3. Certain invalid XML entity definitions can corrupt a hash table key, potentially leading to subsequent logic errors. In one case, a double-free can be provoked. CVE-2022-40304. Impact This vulnerability allows a remot...

7.8CVSS7.3AI score0.06782EPSS
Exploits0Affected Software12
F5 Networks
F5 Networks
•added 2024/03/22 5:5 p.m.•50 views

K000138991: BIND vulnerability CVE-2023-6516

Security Advisory Description To keep its cache database efficient, named running as a recursive resolver occasionally attempts to clean up the database. It uses several methods, including some that are asynchronous: a small chunk of memory pointing to the cache element that can be cleaned up is...

7.5CVSS7.5AI score0.01097EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/06/22 5:57 p.m.•50 views

K000135178: OpenSSL vulnerability CVE-2023-2650

Security Advisory Description Issue summary: Processing some specially crafted ASN.1 object identifiers or data containing them may be very slow. Impact summary: Applications that use OBJobj2txt directly, or use any of the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message...

6.5CVSS7.1AI score0.75116EPSS
Exploits0Affected Software16
F5 Networks
F5 Networks
•added 2023/05/08 8:35 p.m.•50 views

K000134507: jQuery UI vulnerability CVE-2022-31160

Security Advisory Description jQuery UI is a curated set of user interface interactions, effects, widgets, and themes built on top of jQuery. Versions prior to 1.13.2 are potentially vulnerable to cross-site scripting. Initializing a checkboxradio widget on an input enclosed within a label makes...

6.1CVSS6.5AI score0.01933EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/05/01 7:6 p.m.•50 views

K000133753: PHP vulnerability CVE-2023-0662

Security Advisory Description In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, excessive number of parts in HTTP form upload can cause high resource consumption and excessive number of log entries. This can cause denial of service on the affected server by exhausting CPU...

7.5CVSS6.9AI score0.01408EPSS
Exploits0Affected Software12
F5 Networks
F5 Networks
•added 2023/04/21 5:33 p.m.•50 views

K000133612: OpenJDK vulnerability CVE-2023-21939

Security Advisory Description Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Swing. Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and...

5.3CVSS5.4AI score0.02474EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/04/14 7:21 a.m.•50 views

K000133517: OpenSSH vulnerability CVE-2023-28531

Security Advisory Description ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent without the intended per-hop destination constraints. The earliest affected version is 8.9. CVE-2023-28531 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory...

9.8CVSS6.5AI score0.02267EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 8:2 p.m.•50 views

K15868: Multiple Wireshark vulnerabilities

Security Advisory Description CVE-2013-4074 The dissectcapwapdata function in epan/dissectors/packet-capwap.c in the CAPWAP dissector in Wireshark 1.6.x before 1.6.16 and 1.8.x before 1.8.8 incorrectly uses a -1 data value to represent an error condition, which allows remote attackers to cause a...

7.8CVSS6.9AI score0.60643EPSS
Exploits7Affected Software19
F5 Networks
F5 Networks
•added 2023/02/21 8:0 p.m.•50 views

K40564589: PHP vulnerability CVE-2016-7126

Security Advisory Description The imagetruecolortopalette function in ext/gd/gd.c in PHP before 5.6.25 and 7.x before 7.0.10 does not properly validate the number of colors, which allows remote attackers to cause a denial of service selectcolors allocation error and out-of-bounds write or possibl...

9.8CVSS9.2AI score0.08819EPSS
Exploits1Affected Software7
F5 Networks
F5 Networks
•added 2023/02/21 8:0 p.m.•50 views

K02585438: MySQL vulnerabilities CVE-2019-2815, CVE-2019-2819, CVE-2019-2822, and CVE-2019-2826

Security Advisory Description CVE-2019-2815 Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Optimizer. Supported versions that are affected are 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple...

7.5CVSS5.6AI score0.02818EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:59 p.m.•50 views

K44611310: MySQL vulnerability CVE-2015-0411

Security Advisory Description Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier, and 5.6.21 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Server : Security : Encryption. CVE-2015-0411 Impact Through...

7.5CVSS5.9AI score0.10038EPSS
Exploits0Affected Software14
F5 Networks
F5 Networks
•added 2023/02/21 7:58 p.m.•50 views

K02694732: BIG-IP Advanced WAF and ASM bd vulnerability CVE-2022-41691

Security Advisory Description When an F5 BIG-IP Advanced WAF or ASM security policy is configured on a virtual server, undisclosed requests can cause the bd process to terminate. CVE-2022-41691 Impact Traffic is disrupted while the bd process restarts. This vulnerability allows a remote...

7.5CVSS7.6AI score0.00616EPSS
Exploits0Affected Software2
F5 Networks
F5 Networks
•added 2023/02/21 7:57 p.m.•50 views

K93554290: Linux kernel vulnerability CVE-2018-19407

Security Advisory Description The vcpuscanioapic function in arch/x86/kvm/x86.c in the Linux kernel through 4.19.2 allows local users to cause a denial of service NULL pointer dereference and BUG via crafted system calls that reach a situation where ioapic is uninitialized. CVE-2018-19407 Impact...

5.5CVSS5.8AI score0.00477EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:57 p.m.•50 views

K80970653: BIG-IP iRules vulnerability CVE-2022-33962

Security Advisory Description The 'node' iRules command may allow an attacker to bypass the access control restrictions for a self IP address, regardless of the port lockdown settings.CVE-2022-33962 Impact This vulnerability may allow an authenticated attacker with the iRule Manager role to creat...

6.7CVSS6.5AI score0.00187EPSS
Exploits0Affected Software13
F5 Networks
F5 Networks
•added 2023/02/21 7:56 p.m.•50 views

K34205867: Server component of Oracle MySQL vulnerabilities CVE-2016-8327, CVE-2017-3238, CVE-2017-3251, CVE-2017-3256, and CVE-2017-3258

Security Advisory Description CVE-2016-8327 Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Replication. Supported versions that are affected are 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with...

6.5CVSS6AI score0.04792EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 7:56 p.m.•50 views

K49331953: libicu vulnerability CVE-2017-17484

Security Advisory Description The ucnvUTF8FromUTF8 function in ucnvu8.cpp in International Components for Unicode ICU for C/C++ through 60.1 mishandles ucnvconvertEx calls for UTF-8 to UTF-8 conversion, which allows remote attackers to cause a denial of service stack-based buffer overflow and...

9.8CVSS8.8AI score0.04605EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 7:55 p.m.•50 views

K99254031: NTP vulnerability CVE-2017-6458

Security Advisory Description Multiple buffer overflows in the ctlput functions in NTP before 4.2.8p10 and 4.3.x before 4.3.94 allow remote authenticated users to have unspecified impact via a long variable. CVE-2017-6458 Impact This vulnerability allows remote authenticated users to have an...

8.8CVSS7.8AI score0.06515EPSS
Exploits0Affected Software23
F5 Networks
F5 Networks
•added 2023/02/21 7:54 p.m.•50 views

K21766035: mod_perl vulnerability CVE-2011-2767

Security Advisory Description modperl 2.0 through 2.0.10 allows attackers to execute arbitrary Perl code by placing it in a user-owned .htaccess file, because contrary to the documentation there is no configuration option that permits Perl code for the administrator's control of HTTP request...

10CVSS8.2AI score0.08946EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:54 p.m.•50 views

K82248373: Linux kernel vulnerability CVE-2020-16119

Security Advisory Description Use-after-free vulnerability in the Linux kernel exploitable by a local attacker due to reuse of a DCCP socket with an attached dccpshctxccid object as a listener after being released. Fixed in Ubuntu Linux kernel 5.4.0-51.56, 5.3.0-68.63, 4.15.0-121.123,...

7.8CVSS6.2AI score0.00422EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 7:53 p.m.•50 views

K31332013: Linux kernel vulnerability CVE-2016-10905

Security Advisory Description An issue was discovered in fs/gfs2/rgrp.c in the Linux kernel before 4.8. A use-after-free is caused by the functions gfs2clearrgrpd and readrindexentry. CVE-2016-10905 Security Advisory Status F5 Product Development has evaluated the currently supported releases for...

7.8CVSS6.4AI score0.00581EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:53 p.m.•50 views

K17123: Apache Tomcat vulnerability CVE-2014-0230

Security Advisory Description Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.55, and 8.x before 8.0.9 does not properly handle cases where an HTTP response occurs before finishing the reading of an entire request body, which allows remote attackers to cause a denial of service thread consumption...

7.8CVSS6.6AI score0.20318EPSS
Exploits0Affected Software16
F5 Networks
F5 Networks
•added 2023/02/21 7:52 p.m.•50 views

K15564: TLS vulnerability CVE-2014-3511

Security Advisory Description The ssl23getclienthello function in s23srvr.c in OpenSSL 1.0.1 before 1.0.1i allows man-in-the-middle attackers to force the use of TLS 1.0 by triggering ClientHello message fragmentation in communication between a client and server that both support later TLS...

4.3CVSS7.2AI score0.13327EPSS
Exploits0Affected Software12
F5 Networks
F5 Networks
•added 2023/02/21 7:51 p.m.•50 views

K16937: OpenSSL vulnerability CVE-2015-1793

Security Advisory Description Description The X509verifycert function in crypto/x509/x509vfy.c in OpenSSL 1.0.1n, 1.0.1o, 1.0.2b, and 1.0.2c does not properly process X.509 Basic Constraints CA values during identification of alternative certificate chains, which allows remote attackers to spoof ...

6.5CVSS6.5AI score0.61798EPSS
Exploits6
F5 Networks
F5 Networks
•added 2023/02/21 7:46 p.m.•50 views

K16859: SUSE coreutils vulnerabilities CVE-2013-0221, CVE-2013-0222, and CVE-2013-0223

Security Advisory Description CVE-2013-0221 The SUSE coreutils-i18n.patch for GNU coreutils allows context-dependent attackers to cause a denial of service segmentation fault and crash via a long string to the sort command, when using the 1 -d or 2 -M switch, which triggers a stack-based buffer...

4.3CVSS5.7AI score0.07238EPSS
Exploits2Affected Software18
F5 Networks
F5 Networks
•added 2023/02/21 7:39 p.m.•50 views

K05534090: Java vulnerability CVE-2015-4803

Security Advisory Description Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2015-4893 and CVE-2015-4911. CVE-2015-4803...

5CVSS6.6AI score0.05288EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 7:38 p.m.•50 views

K53313971: Samba vulnerabilities CVE-2016-2110 and CVE-2016-2115

Security Advisory Description CVE-2016-2110 The NTLMSSP authentication implementation in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 allows man-in-the-middle attackers to perform protocol-downgrade attacks by modifying the client-server data stream to remove...

5.9CVSS6.7AI score0.10232EPSS
Exploits0Affected Software21
F5 Networks
F5 Networks
•added 2023/02/21 7:38 p.m.•50 views

K53316849: Java vulnerability CVE-2013-5802

Security Advisory Description Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality,...

7.5CVSS7.4AI score0.04431EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:30 p.m.•50 views

K02230327: BIND vulnerability CVE-2017-3143

Security Advisory Description An attacker who is able to send and receive messages to an authoritative DNS server and who has knowledge of a valid TSIG key name for the zone and service being targeted may be able to manipulate BIND into accepting an unauthorized dynamic update. Affects BIND...

7.5CVSS7.2AI score0.18157EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 7:6 p.m.•50 views

K37155600: BIG-IP RTSP profile vulnerability CVE-2022-28691

Security Advisory Description When a Real Time Streaming Protocol RTSP profile is configured on a virtual server, undisclosed traffic can cause an increase in Traffic Management Microkernel TMM resource utilization. CVE-2022-28691 Impact System performance can degrade until the process is either...

7.5CVSS7.3AI score0.00868EPSS
Exploits0Affected Software13
F5 Networks
F5 Networks
•added 2023/02/21 7:3 p.m.•50 views

K4119: Buffer overflow in mod_ssl - CVE-2002-0082

Security Advisory Description Note: Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F5...

7.5CVSS6.4AI score0.29878EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•50 views

K67644055: PHP vulnerability CVE-2016-5772

Security Advisory Description Double free vulnerability in the phpwddxprocessdata function in wddx.c in the WDDX extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via...

9.8CVSS8.3AI score0.09674EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•50 views

K54635192: Linux kernel overlayfs vulnerability CVE-2021-3493

Security Advisory Description The overlayfs implementation in the linux kernel did not properly validate with respect to user namespaces the setting of file capabilities on files in an underlying file system. Due to the combination of unprivileged user namespaces along with a patch carried in the...

8.8CVSS7.7AI score0.43988EPSS
Exploits27
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•50 views

K13364192: Samba vulnerability CVE-2016-2119

Security Advisory Description libcli/smb/smbXclibase.c in Samba 4.x before 4.2.14, 4.3.x before 4.3.11, and 4.4.x before 4.4.5 allows man-in-the-middle attackers to bypass a client-signing protection mechanism, and consequently spoof SMB2 and SMB3 servers, via the 1 SMB2SESSIONFLAGISGUEST or 2...

7.5CVSS7.5AI score0.03097EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:55 p.m.•50 views

K41190253: Multiple RTOS vulnerabilities

Security Advisory Description CVE-2019-12255 Wind River VxWorks 6.6 through 6.9 has a Buffer Overflow in the TCP component issue 1 of 4. This is a IPNET security vulnerability: TCP Urgent Pointer = 0 that leads to an integer underflow. CVE-2019-12256 Wind River VxWorks 6.9 and vx7 has a Buffer...

9.8CVSS8AI score0.84177EPSS
Exploits7
F5 Networks
F5 Networks
•added 2023/02/21 6:54 p.m.•50 views

K16496491: Multiple Java vulnerabilities

Security Advisory Description CVE-2020-2754 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Scripting. Supported versions that are affected are Java SE: 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated...

7.5CVSS5.9AI score0.04128EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:54 p.m.•50 views

K10812540: OpenJDK vulnerability CVE-2019-18197

Security Advisory Description In xsltCopyText in transform.c in libxslt 1.1.33, a pointer variable isn't reset under certain circumstances. If the relevant memory area happened to be freed and reused in a certain way, a bounds check could fail and memory outside a buffer could be written to, or...

7.5CVSS8AI score0.04446EPSS
Exploits0Affected Software15
F5 Networks
F5 Networks
•added 2023/02/21 6:54 p.m.•50 views

K91013510: SSL Forward Proxy vulnerability CVE-2022-23016

Security Advisory Description When BIG-IP SSL Forward Proxy with TLS 1.3 is configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel TMM to terminate. CVE-2022-23016 Impact Traffic is disrupted while the TMM process restarts. This vulnerability allows a...

7.5CVSS7.4AI score0.0092EPSS
Exploits0Affected Software13
F5 Networks
F5 Networks
•added 2023/02/21 6:54 p.m.•50 views

K25451853: TMUI XSS vulnerability CVE-2022-28716

Security Advisory Description A DOM-based cross-site scripting XSS vulnerability exists in an undisclosed page of the BIG-IP AFM, CGNAT, and PEM Configuration utility that allows an attacker to execute JavaScript in the context of the currently logged-in user. CVE-2022-28716 Impact An attacker ma...

8.8CVSS7.3AI score0.00711EPSS
Exploits0Affected Software3
F5 Networks
F5 Networks
•added 2023/02/21 6:54 p.m.•50 views

K39204079: GNU C Library vulnerability CVE-2015-8983

Security Advisory Description Integer overflow in the IOwstroverflow function in libio/wstrops.c in the GNU C Library aka glibc or libc6 before 2.22 allows context-dependent attackers to cause a denial of service application crash or possibly execute arbitrary code via vectors related to computin...

8.1CVSS8.6AI score0.03871EPSS
Exploits0Affected Software24
F5 Networks
F5 Networks
•added 2023/02/21 6:53 p.m.•50 views

K32616738: Linux kernel vulnerability CVE-2017-15265

Security Advisory Description Race condition in the ALSA subsystem in the Linux kernel before 4.13.8 allows local users to cause a denial of service use-after-free or possibly have unspecified other impact via crafted /dev/snd/seq ioctl calls, related to sound/core/seq/seqclientmgr.c and...

7CVSS6.7AI score0.00377EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:53 p.m.•50 views

K54143451: Java SE JRockit Vulnerability CVE-2018-2794

Security Advisory Description Vulnerability in the Java SE, JRockit component of Oracle Java SE subcomponent: Security. Supported versions that are affected are Java SE: 6u181, 7u171, 8u162, 10 and JRockit: R28.3.17. Difficult to exploit vulnerability allows unauthenticated attacker with logon to...

7.7CVSS6.2AI score0.0074EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 6:52 p.m.•50 views

K02620788: OpenJDK vulnerabilities CVE-2019-2977, CVE-2019-2996, and CVE-2019-2975

Security Advisory Description CVE-2019-2977 Vulnerability in the Java SE product of Oracle Java SE component: Hotspot. Supported versions that are affected are Java SE: 11.0.4 and 13. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to...

5.8CVSS5.8AI score0.03328EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:52 p.m.•50 views

K6876: OpenSSH vulnerabilities CVE-2006-5052

Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...

5CVSS8.2AI score0.02801EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:50 p.m.•50 views

K15605: XML Entity Injection vulnerability CVE-2014-6032

Security Advisory Description Multiple XML External Entity XXE vulnerabilities in the Configuration utility in F5 BIG-IP LTM, ASM, GTM, and Link Controller 11.0 through 11.6.0 and 10.0.0 through 10.2.4, AAM 11.4.0 through 11.6.0, ARM 11.3.0 through 11.6.0, Analytics 11.0.0 through 11.6.0, APM and...

5.5CVSS6.8AI score0.02896EPSS
Exploits3Affected Software14
F5 Networks
F5 Networks
•added 2023/02/21 6:49 p.m.•50 views

K25370250: Linux kernel vulnerability CVE-2020-10690

Security Advisory Description There is a use-after-free in kernel versions before 5.5 due to a race condition between the release of ptpclock and cdev while resource deallocation. When a high privileged process allocates a ptp device file like /dev/ptpX and voluntarily goes to sleep. During this...

6.5CVSS6.6AI score0.00359EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:49 p.m.•50 views

K01049383: BIG-IP restjavad vulnerability CVE-2019-6662

Security Advisory Description Sensitive information is logged into the local log files and/or remote logging targets when restjavad processes an invalid request. Users with access to the log files would be able to view that data. CVE-2019-6662 Impact When logging invalid requests, such as HTTP co...

6.5CVSS6.7AI score0.00859EPSS
Exploits0Affected Software13
F5 Networks
F5 Networks
•added 2023/02/21 6:49 p.m.•50 views

K39655464: Linux kernel vulnerability CVE-2013-2017

Security Advisory Description The veth aka virtual Ethernet driver in the Linux kernel before 2.6.34 does not properly manage skbs during congestion, which allows remote attackers to cause a denial of service system crash by leveraging lack of skb consumption in conjunction with a double-free...

7.8CVSS6.8AI score0.04189EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:49 p.m.•50 views

K51920288: OpenSSL vulnerability CVE-2016-2105

Security Advisory Description Integer overflow in the EVPEncodeUpdate function in crypto/evp/encode.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service heap memory corruption via a large amount of binary data. CVE-2016-2105 Impact A successful...

7.5CVSS8.2AI score0.3965EPSS
Exploits1Affected Software23
Total number of security vulnerabilities5000