Lucene search
K

6401 matches found

F5 Networks
F5 Networks
•added 2023/02/21 6:55 p.m.•40 views

K21312421: Samba vulnerabilities CVE-2020-25718 and CVE-2021-23192

Security Advisory Description CVE-2020-25718 A flaw was found in the way samba, as an Active Directory Domain Controller, is able to support an RODC read-only domain controller. This would allow an RODC to print administrator tickets. CVE-2021-23192 A flaw was found in the way samba implemented...

8.8CVSS7.2AI score0.01953EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:55 p.m.•40 views

K42438635: Linux kernel vulnerability CVE-2019-19072

Security Advisory Description A memory leak in the predicateparse function in kernel/trace/traceeventsfilter.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service memory consumption, aka CID-96c5c6e6a5b6. CVE-2019-19072 Impact May allow attackers to overflow memory...

4.9CVSS6.7AI score0.00405EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 6:55 p.m.•40 views

K30110324: Multiple Node.js vulnerabilities

Security Advisory Description CVE-2013-7451 The validator module before 1.1.0 for Node.js allows remote attackers to bypass the XSS filter via a nested tag. CVE-2013-7452 The validator module before 1.1.0 for Node.js allows remote attackers to bypass the cross-site scripting XSS filter via a...

7.8CVSS6AI score0.06488EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 6:54 p.m.•40 views

K93959105: OpenSSL vulnerability CVE-2010-1633

Security Advisory Description RSA verification recovery in the EVPPKEYverifyrecover function in OpenSSL 1.x before 1.0.0a, as used by pkeyutl and possibly other applications, returns uninitialized memory upon failure, which might allow context-dependent attackers to bypass intended key requiremen...

6.4CVSS7.8AI score0.02392EPSS
Exploits2
F5 Networks
F5 Networks
•added 2023/02/21 6:54 p.m.•40 views

K15405135: GO vulnerability CVE-2021-3114

Security Advisory Description In Go before 1.14.14 and 1.15.x before 1.15.7, crypto/elliptic/p224.go can generate incorrect outputs, related to an underflow of the lowest limb during the final complete reduction in the P-224 field. CVE-2021-3114 Impact There is no impact; F5 products are not...

6.5CVSS7.1AI score0.02689EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:53 p.m.•40 views

K70191975: Apache Xerces vulnerability CVE-2016-4463

Security Advisory Description Stack-based buffer overflow in Apache Xerces-C++ before 3.1.4 allows context-dependent attackers to cause a denial of service via a deeply nested DTD. CVE-2016-4463 Impact An attacker requires privileged access to a dynamically generated XML file to exploit one of th...

7.5CVSS6.7AI score0.14138EPSS
Exploits0Affected Software3
F5 Networks
F5 Networks
•added 2023/02/21 6:53 p.m.•40 views

K21882212: Intel software vulnerabilities CVE-2020-8750 CVE-2020-12355

Security Advisory Description CVE-2020-8750 Use after free in Kernel Mode Driver for IntelR TXE versions before 3.1.80 and 4.0.30 may allow an authenticated user to potentially enable escalation of privilege via local access. CVE-2020-12355 Authentication bypass by capture-replay in RPMB protocol...

7.8CVSS7.1AI score0.004EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:53 p.m.•40 views

K49144112: tcpdump vulnerabilities CVE-2016-7934, CVE-2016-7935, CVE-2016-7936, CVE-2016-7937, and CVE-2016-7939

Security Advisory Description CVE-2016-7934 The RTCP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:rtcpprint. CVE-2016-7935 The RTP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:rtpprint. CVE-2016-7936 The UDP parser in tcpdump before 4.9.0 has a buffer...

9.8CVSS8.6AI score0.03493EPSS
Exploits0Affected Software22
F5 Networks
F5 Networks
•added 2023/02/21 6:53 p.m.•40 views

K44070243: OpenSSL vulnerability CVE-2019-1549

Security Advisory Description OpenSSL 1.1.1 introduced a rewritten random number generator RNG. This was intended to include protection in the event of a fork system call in order to ensure that the parent and child processes did not share the same RNG state. However this protection was not being...

5.3CVSS6.1AI score0.06232EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:53 p.m.•40 views

K13249530: Apache Kylin vulnerability CVE-2022-24697

Security Advisory Description Kylin's cube designer function has a command injection vulnerability when overwriting system parameters in the configuration overwrites menu. RCE can be implemented by closing the single quotation marks around the parameter value of -- conf= to inject any operating...

9.8CVSS9.3AI score0.84777EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:53 p.m.•40 views

K17341495: Traffix SDC Configuration utility vulnerability CVE-2022-27880

Security Advisory Description A stored Cross-Site Scripting XSS vulnerability exists in an undisclosed page of the Traffix SDC Configuration utility that allows an attacker to execute JavaScript in the context of the currently logged-in user. CVE-2022-27880 Impact An authenticated attacker may...

4.8CVSS4.7AI score0.00451EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 6:52 p.m.•40 views

K57255643: libssh vulnerability CVE-2016-0739

Security Advisory Description libssh before 0.7.3 improperly truncates ephemeral secrets generated for the 1 diffie-hellman-group1 and 2 diffie-hellman-group14 key exchange methods to 128 bits, which makes it easier for man-in-the-middle attackers to decrypt or intercept SSH sessions via...

5.9CVSS5.6AI score0.02431EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 6:51 p.m.•40 views

K71021401: Oracle Java SE vulnerability CVE-2018-2796

Security Advisory Description Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Concurrency. Supported versions that are affected are Java SE: 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows...

5.3CVSS4.3AI score0.06891EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:50 p.m.•40 views

K15376: OpenSSL 0.9.8k vulnerability CVE-2009-0789

Security Advisory Description OpenSSL before 0.9.8k on WIN64 and certain other platforms does not properly handle a malformed ASN.1 structure, which allows remote attackers to cause a denial of service invalid memory access and application crash by placing this structure in the public key of a...

5CVSS9.1AI score0.0259EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:48 p.m.•40 views

K30164784: BIND vulnerability CVE-2017-3137

Security Advisory Description Mistaken assumptions about the ordering of records in the answer section of a response containing CNAME or DNAME resource records could lead to a situation in which named would exit with an assertion failure when processing a response in which records occurred in an...

7.5CVSS7AI score0.08902EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:48 p.m.•40 views

K52125441: Linux kernel vulnerability CVE-2019-19071

Security Advisory Description A memory leak in the rsisendbeacon function in drivers/net/wireless/rsi/rsi91xmgmt.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service memory consumption by triggering rsipreparebeacon failures, aka CID-d563131ef23c. CVE-2019-19071 Impa...

7.8CVSS6.5AI score0.03836EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:48 p.m.•40 views

K56241216: OpenLDAP vulnerabilities CVE-2020-25709 and CVE-2020-25710

Security Advisory Description CVE-2020-25709 A flaw was found in OpenLDAP. This flaw allows an attacker who can send a malicious packet to be processed by OpenLDAP’s slapd server, to trigger an assertion failure. The highest threat from this vulnerability is to system availability. CVE-2020-25710...

7.5CVSS7.7AI score0.02858EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 6:47 p.m.•40 views

K47204506: BIG-IP Advanced WAF and ASM bd vulnerability CVE-2022-41836

Security Advisory Description When an "Attack Signature False Positive Mode" enabled security policy is configured on a virtual server, undisclosed requests can cause the bd process to terminate. CVE-2022-41836 Impact Traffic is disrupted while the bd process restarts. This vulnerability allows a...

7.5CVSS7.6AI score0.00616EPSS
Exploits0Affected Software2
F5 Networks
F5 Networks
•added 2023/02/21 6:47 p.m.•40 views

K44305703: NTP vulnerability CVE-2020-11868

Security Advisory Description The ntpd daemon in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows an off-path attacker to block unauthenticated synchronization via a server mode packet with a spoofed source IP address, because transmissions are rescheduled even when a packet lacks a valid orig...

7.5CVSS6.5AI score0.02081EPSS
Exploits0Affected Software13
F5 Networks
F5 Networks
•added 2023/02/21 6:47 p.m.•40 views

K25075696: Oracle Java vulnerability CVE-2016-3500

Security Advisory Description Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; Java SE Embedded 8u91; and JRockit R28.3.10 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2016-3508. CVE-2016-3500 Impact An attacker...

5.3CVSS7.3AI score0.04797EPSS
Exploits0Affected Software24
F5 Networks
F5 Networks
•added 2023/02/21 6:47 p.m.•40 views

K98776835: Apache Tomcat vulnerability - CVE-2018-8037

Security Advisory Description If an async request was completed by the application at the same time as the container triggered the async timeout, a race condition existed that could result in a user seeing a response intended for a different user. An additional issue was present in the NIO and NI...

5.9CVSS8AI score0.12058EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 6:47 p.m.•40 views

K82069123: ISC BIND vulnerability CVE-2018-5736

Security Advisory Description An error in zone database reference counting can lead to an assertion failure if a server which is running an affected version of BIND attempts several transfers of a slave zone in quick succession. This defect could be deliberately exercised by an attacker who is...

5.3CVSS5.7AI score0.17879EPSS
Exploits3
F5 Networks
F5 Networks
•added 2023/02/21 6:47 p.m.•40 views

K17175: OpenJDK vulnerability CVE-2015-4731

Security Advisory Description Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; Java SE Embedded 7u75; and Java SE Embedded 8u33 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX. CVE-2015-4731 Impact Confidentiality is...

10CVSS4.5AI score0.05766EPSS
Exploits0Affected Software20
F5 Networks
F5 Networks
•added 2023/02/21 6:47 p.m.•40 views

K13304944: NTP vulnerability CVE-2015-7974

Security Advisory Description NTP 4.x before 4.2.8p6 and 4.3.x before 4.3.90 do not verify peer associations of symmetric keys when authenticating packets, which might allow remote attackers to conduct impersonation attacks via an arbitrary trusted key, aka a "skeleton key." CVE-2015-7974 Impact...

7.7CVSS7AI score0.05658EPSS
Exploits1Affected Software24
F5 Networks
F5 Networks
•added 2023/02/21 6:47 p.m.•40 views

K29110929: MacOS vulnerabilities CVE-2019-8675, CVE-2019-8696

Security Advisory Description CVE-2019-8675 A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra. An attacker in a privileged network position may be able to execute...

8.8CVSS6.7AI score0.02091EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:47 p.m.•40 views

K24248011: Traffix SDC Configuration utility vulnerability CVE-2022-27662

Security Advisory Description A stored Cross-Site Template Injection vulnerability exists in an undisclosed page of the Traffix SDC Configuration utility that allows an attacker to execute template language-specific instructions in the context of the server. CVE-2022-27662 Impact If successful, a...

4.8CVSS5.5AI score0.00451EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 6:47 p.m.•40 views

K55543151: BIG-IP TMUI vulnerability CVE-2021-23025

Security Advisory Description An authenticated remote command execution vulnerability exists in the BIG-IP Configuration utility. CVE-2021-23025 Impact This vulnerability may allow an authenticated attacker with network access to the Configuration utility through the BIG-IP management port and/or...

8.8CVSS8.9AI score0.02288EPSS
Exploits0Affected Software11
F5 Networks
F5 Networks
•added 2023/02/21 6:46 p.m.•40 views

K37332121: Python vulnerability CVE-2017-1000158

Security Advisory Description CPython aka Python up to 2.7.13 is vulnerable to an integer overflow in the PyStringDecodeEscape function in stringobject.c, resulting in heap-based buffer overflow and possible arbitrary code execution CVE-2017-1000158 Impact BIG-IP / ARX / Enterprise Manager / BIG-...

9.8CVSS8.3AI score0.08228EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:46 p.m.•40 views

K02043709: Appliance mode tmsh access vulnerability CVE-2018-5520

Security Advisory Description On a BIG-IP system configured in Appliance mode, the TMOS Shell tmsh may allow an administrative user to use the dig utility to gain unauthorized access to file system resources. CVE-2018-5520 Note : Appliance mode is designed to meet the needs of customers in...

4.4CVSS4.8AI score0.01041EPSS
Exploits0Affected Software13
F5 Networks
F5 Networks
•added 2023/02/21 6:46 p.m.•40 views

K94408282: OpenNTPD vulnerability CVE-2016-5117

Security Advisory Description OpenNTPD before 6.0p1 does not validate the CN for HTTPS constraint requests, which allows remote attackers to bypass the man-in-the-middle mitigations via a crafted timestamp constraint with a valid certificate. CVE-2016-5117 Impact There is no impact; F5 products a...

5.9CVSS5.7AI score0.00702EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:46 p.m.•40 views

K68013105: OpenSSL vulnerability CVE-2022-1343

Security Advisory Description The function OCSPbasicverify verifies the signer certificate on an OCSP response. In the case where the non-default flag OCSPNOCHECKS is used then the response will be positive meaning a successful verification even in the case where the response signing certificate...

5.3CVSS7.3AI score0.01174EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:34 p.m.•40 views

K12213311: Rsyslog v8.1908.0.0 vulnerability CVE-2019-17041

Security Advisory Description An issue was discovered in Rsyslog v8.1908.0. contrib/pmaixforwardedfrom/pmaixforwardedfrom.c has a heap overflow in the parser for AIX log messages. The parser tries to locate a log message delimiter in this case, a space or a colon but fails to account for strings...

9.8CVSS7.5AI score0.04568EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:34 p.m.•40 views

K04224795: Java SE vulnerability CVE-2018-3211

Security Advisory Description Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Serviceability. Supported versions that are affected are Java SE: 8u182 and 11; Java SE Embedded: 8u181. Easily exploitable vulnerability allows low privileged attacker with logo...

6.6CVSS6.6AI score0.00418EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:34 p.m.•40 views

K26462555: BIG-IP ASM and BIG-IQ/Enterprise Manager/F5 iWorkflow device authentication and trust vulnerability CVE-2019-6665

Security Advisory Description An attacker with access to the device communication between the BIG-IP ASM Central Policy Builder and the BIG-IQ/Enterprise Manager/F5 iWorkflow will be able to set up the proxy the same way and intercept the traffic. CVE-2019-6665 Impact BIG-IP ASM / BIG-IQ /...

9.4CVSS8.7AI score0.0113EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:34 p.m.•40 views

K04054286: Linux kernel TCP vulnerability CVE-2016-2070

Security Advisory Description The tcpcwndreduction function in net/ipv4/tcpinput.c in the Linux kernel before 4.3.5 allows remote attackers to cause a denial of service divide-by-zero error and system crash via crafted TCP traffic. CVE-2016-2070 Impact Successful exploitation of this vulnerabilit...

7.8CVSS7.2AI score0.03322EPSS
Exploits0Affected Software2
F5 Networks
F5 Networks
•added 2023/02/21 6:33 p.m.•40 views

K32840424: BIG-IP APM XSS vulnerability CVE-2019-6591

Security Advisory Description A reflected cross-site scripting XSS vulnerability exists in the resource information page for authenticated users when a full webtop is configured on the BIG-IP APM system. CVE-2019-6591 Impact An authenticated attacker may be able to inject malicious content...

5.4CVSS5.3AI score0.00624EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 6:33 p.m.•40 views

K76678525: libxml2 vulnerabilities CVE-2015-8035 CVE-2016-5131 CVE-2017-15412 CVE-2017-18258 CVE-2018-14404 CVE-2018-14567

Security Advisory Description CVE-2015-8035 The xzdecomp function in xzlib.c in libxml2 2.9.1 does not properly detect compression errors, which allows context-dependent attackers to cause a denial of service process hang via crafted XML data. CVE-2016-5131 Use-after-free vulnerability in libxml2...

8.8CVSS8AI score0.043EPSS
Exploits2
F5 Networks
F5 Networks
•added 2023/02/21 6:33 p.m.•40 views

K38310742: Kerberos vulnerability CVE-2015-8629

Security Advisory Description The xdrnullstring function in lib/kadm5/kadmrpcxdr.c in kadmind in MIT Kerberos 5 aka krb5 before 1.13.4 and 1.14.x before 1.14.1 does not verify whether '\0' characters exist as expected, which allows remote authenticated users to obtain sensitive information or cau...

5.3CVSS6.1AI score0.03657EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 6:33 p.m.•40 views

K16904: OpenSSL ssleay_rand_byte(s) regression CVE-2015-3216

Security Advisory Description Race condition in a certain Red Hat patch to the PRNG lock implementation in the ssleayrandbytes function in OpenSSL, as distributed in openssl-1.0.1e-25.el7 in Red Hat Enterprise Linux RHEL 7 and other products, allows remote attackers to cause a denial of service...

4.3CVSS7.5AI score0.04302EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:33 p.m.•40 views

K20804356: Samba vulnerabilities CVE-2019-3870 and CVE-2019-3880

Security Advisory Description CVE-2019-3870 A vulnerability was found in Samba from version including 4.9 to versions before 4.9.6 and 4.10.2. During the creation of a new Samba AD DC, files are created in a private subdirectory of the install location. This directory is typically mode 0700, that...

6.1CVSS4.8AI score0.03392EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 6:32 p.m.•40 views

K70117303: LibTIFF vulnerability CVE-2018-18557

Security Advisory Description LibTIFF 3.9.3, 3.9.4, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6, 4.0.7, 4.0.8 and 4.0.9 with JBIG enabled decodes arbitrarily-sized JBIG into a buffer, ignoring the buffer size, which leads to a...

8.8CVSS7AI score0.1496EPSS
Exploits3Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 6:32 p.m.•40 views

K91171450: BIG-IP engineering hotfix Trusted Platform Module vulnerability CVE-2020-5851

Security Advisory Description On impacted versions and platforms, the Trusted Platform Module TPM system integrity check cannot detect modifications to specific system components. CVE-2020-5851 Impact BIG-IP The Trusted Platform Module TPM on the BIG-IP iSeries platforms i850, i2000, i4000, i5000...

4.6CVSS5AI score0.00332EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:31 p.m.•41 views

K44164245: XSS vulnerability CVE-2013-2618

Security Advisory Description Cross-site scripting XSS vulnerability in editor.php in Network Weathermap before 0.97b allows remote attackers to inject arbitrary web script or HTML via the maptitle parameter. CVE-2013-2618 Impact There is no impact; F5 products are not affected by this...

4.3CVSS5.8AI score0.04682EPSS
Exploits6
F5 Networks
F5 Networks
•added 2023/02/21 6:30 p.m.•40 views

K15689: Fine Free file vulnerabilites CVE-2014-1943 and CVE-2014-2270

Security Advisory Description CVE-2014-1943 Fine Free file before 5.17 allows context-dependent attackers to cause a denial of service infinite recursion, CPU consumption, and crash via a crafted indirect offset value in the magic of a file. CVE-2014-2270 softmagic.c in file before 5.17 and...

5CVSS8AI score0.0507EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 6:30 p.m.•40 views

K17460: OpenLDAP vulnerability CVE-2015-6908

Security Advisory Description The bergetnext function in libraries/liblber/io.c in OpenLDAP 2.4.42 and earlier allows remote attackers to cause a denial of service reachable assertion and application crash via crafted BER data, as demonstrated by an attack against slapd. CVE-2015-6908 Impact A...

5CVSS5.3AI score0.19984EPSS
Exploits1Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 6:30 p.m.•40 views

K16873: ISC DHCP vulnerability CVE-2012-3955

Security Advisory Description ISC DHCP 4.1.x before 4.1-ESV-R7 and 4.2.x before 4.2.4-P2 allows remote attackers to cause a denial of service daemon crash in opportunistic circumstances by establishing an IPv6 lease in an environment where the lease expiration time is later reduced. CVE-2012-3955...

7.1CVSS6.3AI score0.21653EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:30 p.m.•40 views

K50314830: Samba MITM vulnerability CVE-2017-11103

Security Advisory Description Heimdal before 7.4 allows remote attackers to impersonate services with Orpheus Lyre attacks because it obtains service-principal names in a way that violates the Kerberos 5 protocol specification. In krb5extractticket the KDC-REP service name must be obtained from t...

8.1CVSS7.3AI score0.05118EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:28 p.m.•40 views

K17202: Apache HTTP server vulnerability CVE-2012-3502

Security Advisory Description The proxy functionality in 1 modproxyajp.c in the modproxyajp module and 2 modproxyhttp.c in the modproxyhttp module in the Apache HTTP Server 2.4.x before 2.4.3 does not properly determine the situations that require closing a back-end connection, which allows remot...

4.3CVSS8.1AI score0.09555EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 6:26 p.m.•40 views

K85243532: Serendipity vulnerability CVE-2016-10082

Security Advisory Description include/functionsinstaller.inc.php in Serendipity through 2.0.5 is vulnerable to File Inclusion and a possible Code Execution attack during a first-time installation because it fails to sanitize the dbType POST parameter before adding it to an include call in the...

9.8CVSS9.3AI score0.02883EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:26 p.m.•40 views

K33757590: BIG-IP Edge Client for Windows vulnerability CVE-2021-23023

Security Advisory Description A DLL hijacking issue exists in cachecleaner.dll included in the BIG-IP Edge Client Windows Installer. CVE-2021-23023 Impact This vulnerability may be exploited to allow an unprivileged user to use a malicious DLL to gain privilege escalation on the client Windows...

7.8CVSS7.8AI score0.003EPSS
Exploits0Affected Software2
Total number of security vulnerabilities5000