Lucene search
K

6398 matches found

F5 Networks
F5 Networks
•added 2023/02/21 8:0 p.m.•39 views

K45452200: Python-Pillow vulnerability CVE-2021-25287

Security Advisory Description An issue was discovered in Pillow before 8.2.0. There is an out-of-bounds read in J2kDecode, in j2kugrayala. CVE-2021-25287 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Product Development has evaluated th...

9.1CVSS7.6AI score0.02876EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 8:0 p.m.•39 views

K17517: NTP vulnerability CVE-2015-7701

Security Advisory Description Memory leak in the CRYPTOASSOC function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service memory consumption. CVE-2015-7701 Impact An attacker could send packets tontpd that may, after several days of...

7.5CVSS7.8AI score0.06519EPSS
Exploits0Affected Software22
F5 Networks
F5 Networks
•added 2023/02/21 7:59 p.m.•39 views

K15865: Apache HTTP server vulnerability CVE-2012-4558

Security Advisory Description Multiple cross-site scripting XSS vulnerabilities in the balancerhandler function in the manager interface in modproxybalancer.c in the modproxybalancer module in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject...

4.3CVSS5.9AI score0.22913EPSS
Exploits2Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 7:59 p.m.•39 views

K15156: OpenSSH vulnerability CVE-2009-2904

Security Advisory Description A certain Red Hat modification to the ChrootDirectory feature in OpenSSH 4.8, as used in sshd in OpenSSH 4.3 in Red Hat Enterprise Linux RHEL 5.4 and Fedora 11, allows local users to gain privileges via hard links to setuid programs that use configuration files withi...

6.9CVSS7.6AI score0.00318EPSS
Exploits0Affected Software7
F5 Networks
F5 Networks
•added 2023/02/21 7:58 p.m.•39 views

K15150: cURL and libcurl vulnerability CVE-2013-4545

Security Advisory Description cURL and libcurl 7.18.0 through 7.32.0, when built with OpenSSL, disables the certificate CN and SAN name field verification CURLOPTSSLVERIFYHOST when the digital signature verification CURLOPTSSLVERIFYPEER is disabled, which allows man-in-the-middle attackers to spo...

4.3CVSS5.6AI score0.03076EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:58 p.m.•39 views

K05770600: Linux libuser vulnerability CVE-2015-3246

Security Advisory Description libuser before 0.56.13-8 and 0.60 before 0.60-7, as used in the userhelper program in the usermode package, directly modifies /etc/passwd, which allows local users to cause a denial of service inconsistent file state by causing an error during the modification. NOTE:...

7.2CVSS7.2AI score0.06797EPSS
Exploits10Affected Software20
F5 Networks
F5 Networks
•added 2023/02/21 7:58 p.m.•40 views

K64208870: TMM vulnerability CVE-2018-15319

Security Advisory Description Malicious requests made to virtual servers with an HTTP profile can cause the TMM to restart. The issue is exposed with the non-default "normalize URI" configuration options used in iRules and/or BIG-IP LTM policies. CVE-2018-15319 Impact An attacker may be able to...

7.8CVSS7.5AI score0.01859EPSS
Exploits0Affected Software13
F5 Networks
F5 Networks
•added 2023/02/21 7:58 p.m.•39 views

K51470205: Intel DAL vulnerability CVE-2019-0170

Security Advisory Description Buffer overflow in subsystem in IntelR DAL before version 12.0.35 may allow a privileged user to potentially enable escalation of privilege via local access. CVE-2019-0170 Impact Traffix SDC An attacker with local access to the system can exploit this vulnerability...

6.7CVSS7.3AI score0.00413EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:58 p.m.•39 views

K44110411: BIG-IP SIP ALG vulnerability CVE-2022-23025

Security Advisory Description When a SIP ALG profile is configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel TMM to terminate. CVE-2022-23025 Impact Traffic is disrupted while the TMM process restarts. This vulnerability allows an unauthenticated remot...

7.5CVSS7.5AI score0.00904EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 7:56 p.m.•39 views

K30046854: Linux kernel vulnerability CVE-2019-19332

Security Advisory Description An out-of-bounds memory write issue was found in the Linux Kernel, version 3.13 through 5.4, in the way the Linux kernel's KVM hypervisor handled the 'KVMGETEMULATEDCPUID' ioctl2 request to get CPUID features emulated by the KVM hypervisor. A user or process able to...

6.1CVSS6.8AI score0.00679EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 7:56 p.m.•39 views

K89434121: Linux kernel vulnerability CVE-2017-12193

Security Advisory Description The assocarrayinsertintoterminalnode function in lib/assocarray.c in the Linux kernel before 4.13.11 mishandles node splitting, which allows local users to cause a denial of service NULL pointer dereference and panic via a crafted application, as demonstrated by the...

5.5CVSS5.6AI score0.00451EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:55 p.m.•39 views

K34041353: Linux kernel vulnerability CVE-2021-38202

Security Advisory Description fs/nfsd/trace.h in the Linux kernel before 5.13.4 might allow remote attackers to cause a denial of service out-of-bounds read in strlen by sending NFS traffic when the trace event framework is being used for nfsd. CVE-2021-38202 Impact There is no impact; F5 product...

7.5CVSS6.1AI score0.0319EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:55 p.m.•39 views

K58502654: Linux kernel vulnerability CVE-2018-20961

Security Advisory Description In the Linux kernel before 4.16.4, a double free vulnerability in the fmidisetalt function of drivers/usb/gadget/function/fmidi.c in the fmidi driver may allow attackers to cause a denial of service or possibly have unspecified other impact. CVE-2018-20961 Impact The...

10CVSS7.5AI score0.06342EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 7:55 p.m.•39 views

K34223526: Linux kernel vulnerability CVE-2018-14641

Security Advisory Description A security flaw was found in the ipfragreasm function in net/ipv4/ipfragment.c in the Linux kernel from 4.19-rc1 to 4.19-rc3 inclusive, which can cause a later system crash in ipdofragment. With certain non-default, but non-rare, configuration of a victim host, an...

7.1CVSS6.2AI score0.02861EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 7:55 p.m.•39 views

K23134279: Node.js vulnerability CVE-2016-2216

Security Advisory Description The HTTP header parsing code in Node.js 0.10.x before 0.10.42, 0.11.6 through 0.11.16, 0.12.x before 0.12.10, 4.x before 4.3.0, and 5.x before 5.6.0 allows remote attackers to bypass an HTTP response-splitting protection mechanism via UTF-8 encoded Unicode characters...

7.5CVSS8.6AI score0.07013EPSS
Exploits0Affected Software18
F5 Networks
F5 Networks
•added 2023/02/21 7:54 p.m.•39 views

K14601: BIND vulnerability CVE-2012-5689

Security Advisory Description ISC BIND 9.8.x through 9.8.4-P1 and 9.9.x through 9.9.2-P1, in certain configurations involving DNS64 with a Response Policy Zone that lacks an AAAA rewrite rule, allows remote attackers to cause a denial of service assertion failure and named daemon exit via a query...

7.1CVSS7.3AI score0.12036EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 7:53 p.m.•39 views

K22541983: BIG-IP virtual servers with Client SSL and HTTP/2 or SPDY configured vulnerability CVE-2017-6163

Security Advisory Description In F5 BIG-IP LTM, AAM, AFM, APM, ASM, Link Controller, PEM, PSM software version 12.0.0 to 12.1.2, 11.6.0 to 11.6.1, 11.4.0 to 11.5.4, when a virtual server uses the standard configuration of HTTP/2 or SPDY profile with Client SSL profile, and the client initiates a...

5.9CVSS6AI score0.01674EPSS
Exploits0Affected Software8
F5 Networks
F5 Networks
•added 2023/02/21 7:53 p.m.•39 views

K16366: GNU C Library (glibc) vulnerability CVE-2015-1472

Security Advisory Description stdio-common/vfscanf.c has an ADDW macro that tries to determine whether to use malloc or alloca for allocations. But in the malloc case, it only allocates newsize bytes instead of the required newsize sizeof CHART. Thus the allocated buffer gets overrun in the...

7.5CVSS7.8AI score0.04688EPSS
Exploits2
F5 Networks
F5 Networks
•added 2023/02/21 7:50 p.m.•39 views

K14600: BIND vulnerability CVE-2013-3919

Security Advisory Description When resolver.c is configured in ISC BIND 9.8.5 before 9.8.5-P1, 9.9.3 before 9.9.3-P1, or 9.6-ESV-R9 before 9.6-ESV-R9-P1, remote attackers may cause a denial-of-service DoS when querying for a record in a malformed zone. CVE-2013-3919 Impact Remote attackers can...

7.8CVSS6.2AI score0.0511EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:47 p.m.•39 views

K17386: vCMP DoS vulnerability CVE-2015-6546

Security Advisory Description An attacker sourcing malicious traffic from a network adjacent to the BIG-IP system may be able to cause a denial-of-service DoS condition on a vCMP host and the vCMP guests running on it. The vulnerability cannot be exploited outside of the local network segment or ...

6.1CVSS6.3AI score0.00721EPSS
Exploits0Affected Software13
F5 Networks
F5 Networks
•added 2023/02/21 7:47 p.m.•39 views

K16505: NTP vulnerability CVE-2015-1798

Security Advisory Description The symmetric-key feature in the receive function in ntpproto.c in ntpd in NTP 4.x before 4.2.8p2 requires a correct MAC only if the MAC field has a nonzero length, which makes it easier for man-in-the-middle attackers to spoof packets by omitting the MAC...

1.8CVSS6.3AI score0.02219EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:45 p.m.•39 views

K84583382: VMware Tools vulnerability CVE-2015-5191

Security Advisory Description VMware Tools prior to 10.0.9 contains multiple file system races in libDeployPkg, related to the use of hard-coded paths under /tmp. Successful exploitation of this issue may result in a local privilege escalation. CVE-2015-5191 Impact This vulnerability may allow a...

6.7CVSS7AI score0.00331EPSS
Exploits0Affected Software14
F5 Networks
F5 Networks
•added 2023/02/21 7:45 p.m.•39 views

K30409575: ISC DHCP vulnerability CVE-2016-2774

Security Advisory Description ISC DHCP 4.1.x before 4.1-ESV-R13 and 4.2.x and 4.3.x before 4.3.4 does not restrict the number of concurrent TCP sessions, which allows remote attackers to cause a denial of service INSIST assertion failure or request-processing outage by establishing many sessions...

7.1CVSS6.7AI score0.73622EPSS
Exploits0Affected Software6
F5 Networks
F5 Networks
•added 2023/02/21 7:40 p.m.•39 views

K15441: PHP vulnerability CVE-2011-1148

Security Advisory Description Use-after-free vulnerability in the substrreplace function in PHP 5.3.6 and earlier allows context-dependent attackers to cause a denial of service memory corruption or possibly have unspecified other impact by using the same variable for multiple arguments...

7.5CVSS7.2AI score0.04736EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 7:40 p.m.•39 views

K73455417: obs-service-extract_file package vulnerability CVE-2016-4007

Security Advisory Description Multiple unspecified vulnerabilities in the obs-service-extractfile package before 0.3-5.1 in openSUSE Leap 42.1 and before 0.3-3.1 in openSUSE 13.2 allow attackers to execute arbitrary commands via a service definition, related to executing unzip with "illegal...

10CVSS9.6AI score0.02474EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:39 p.m.•39 views

K74759095: SafeNet External Network HSM script vulnerability CVE-2017-6165

Security Advisory Description In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM, and WebSafe 11.5.1 HF6 through 11.5.4 HF4, 11.6.0 through 11.6.1 HF1, and 12.0.0 through 12.1.2 on VIPRION platforms only, the script which synchronizes SafeNet External Network HSM...

9.8CVSS9.4AI score0.01925EPSS
Exploits0Affected Software11
F5 Networks
F5 Networks
•added 2023/02/21 7:37 p.m.•39 views

K16912: BIND vulnerability CVE-2015-4620

Security Advisory Description name.c in named in ISC BIND 9.7.x through 9.9.x before 9.9.7-P1 and 9.10.x before 9.10.2-P2, when configured as a recursive resolver with DNSSEC validation, allows remote attackers to cause a denial of service REQUIRE assertion failure and daemon exit by constructing...

7.8CVSS7.8AI score0.37872EPSS
Exploits0Affected Software13
F5 Networks
F5 Networks
•added 2023/02/21 7:33 p.m.•39 views

K15903: Multiple PHP vulnerabilities

Security Advisory Description Description CVE-2012-3365 The SQLite functionality in PHP before 5.3.15 allows remote attackers to bypass the openbasedir protection mechanism via unspecified vectors. CVE-2012-2329 Buffer overflow in the apacherequestheaders function in sapi/cgi/cgimain.c in PHP 5.4...

7.5CVSS9.3AI score0.62649EPSS
Exploits21
F5 Networks
F5 Networks
•added 2023/02/21 7:33 p.m.•39 views

K11091514: MySQL vulnerability CVE-2016-5626

Security Advisory Description Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to GIS. CVE-2016-5626 Impact There is no impact; F5 products are not affected by this...

6.5CVSS6.4AI score0.06045EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:33 p.m.•39 views

K09408132: glibc vulnerability CVE-2011-1659

Security Advisory Description Integer overflow in posix/fnmatch.c in the GNU C Library aka glibc or libc6 2.13 and earlier allows context-dependent attackers to cause a denial of service application crash via a long UTF8 string that is used in an fnmatch call with a crafted pattern argument, a...

5CVSS5AI score0.02856EPSS
Exploits1Affected Software10
F5 Networks
F5 Networks
•added 2023/02/21 7:29 p.m.•39 views

K12130880: BIG-IP APM client for Linux and macOS vulnerability CVE-2018-15332

Security Advisory Description The svpn component of the F5 BIG-IP APM client prior to version 7.1.7.2 for Linux and macOS runs as a privileged process and can allow an unprivileged user to get ownership of files owned by root on the local client host in a race condition. CVE-2018-15332 Impact A...

7CVSS6.7AI score0.00319EPSS
Exploits0Affected Software2
F5 Networks
F5 Networks
•added 2023/02/21 7:29 p.m.•39 views

K15784: Kerberos vulnerability CVE-2013-1418

Security Advisory Description The setupserverrealm function in main.c in the Key Distribution Center KDC in MIT Kerberos 5 aka krb5 before 1.10.7, when multiple realms are configured, allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via a crafted...

4.3CVSS6.8AI score0.05508EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 7:29 p.m.•39 views

K15785: Kerberos vulnerability CVE-2013-6800

Security Advisory Description An unspecified third-party database module for the Key Distribution Center KDC in MIT Kerberos 5 aka krb5 1.10.x allows remote authenticated users to cause a denial of service NULL pointer dereference and daemon crash via a crafted request, a different vulnerability...

4CVSS6.8AI score0.02608EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 7:27 p.m.•39 views

K3279: Heap-based buffer overflow in mod_proxy - CAN-2004-0492

Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...

10CVSS7.8AI score0.33639EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:25 p.m.•39 views

K16285: OpenSSL vulnerability CVE-2012-2110

Security Advisory Description The asn1d2ireadbio function in crypto/asn1/ad2ifp.c in OpenSSL before 0.9.8v, 1.0.0 before 1.0.0i, and 1.0.1 before 1.0.1a does not properly interpret integer data, which allows remote attackers to conduct buffer overflow attacks, and cause a denial of service memory...

7.5CVSS8.9AI score0.48298EPSS
Exploits8Affected Software13
F5 Networks
F5 Networks
•added 2023/02/21 7:8 p.m.•39 views

K15358: OpenSSL vulnerability CVE-2009-0590

Security Advisory Description The ASN1STRINGprintex function in OpenSSL before 0.9.8k allows remote attackers to cause a denial of service invalid memory access and application crash via vectors that trigger printing of a 1 BMPString or 2 UniversalString with an invalid encoded length...

5CVSS8.4AI score0.06194EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:6 p.m.•39 views

K43322910: Linux kernel vulnerability CVE-2017-6135

Security Advisory Description In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and WebSafe software version 13.0.0, a slow memory leak as a result of undisclosed IPv4 or IPv6 packets sent to BIG-IP management port or self IP addresses may lead to out of memory OOM...

7.8CVSS7.7AI score0.01637EPSS
Exploits0Affected Software11
F5 Networks
F5 Networks
•added 2023/02/21 7:5 p.m.•39 views

K17248: OpenSSL vulnerability CVE-2010-0742

Security Advisory Description The Cryptographic Message Syntax CMS implementation in crypto/cms/cmsasn1.c in OpenSSL before 0.9.8o and 1.x before 1.0.0a does not properly handle structures that contain OriginatorInfo, which allows context-dependent attackers to modify invalid memory locations or...

7.5CVSS8.3AI score0.07834EPSS
Exploits2Affected Software9
F5 Networks
F5 Networks
•added 2023/02/21 7:4 p.m.•39 views

K08421805: GStreamer vulnerability CVE-2016-9635

Security Advisory Description Heap-based buffer overflow in the flxdecodedeltafli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service application crash by providing a skip count that goes...

9.8CVSS9.3AI score0.09267EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 7:3 p.m.•39 views

K15345: GnuTLS vulnerability CVE-2014-3466

Security Advisory Description Buffer overflow in the readserverhello function in lib/gnutlshandshake.c in GnuTLS before 3.1.25, 3.2.x before 3.2.15, and 3.3.x before 3.3.4 allows remote servers to cause a denial of service memory corruption or possibly execute arbitrary code via a long session id...

6.8CVSS9.3AI score0.11221EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 7:2 p.m.•39 views

K68942513: Java vulnerability CVE-2013-5780

Security Advisory Description Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via...

4.3CVSS6.9AI score0.03433EPSS
Exploits0Affected Software5
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•39 views

K37111863: NodeJS vulnerability CVE-2018-12120

Security Advisory Description Node.js: All versions prior to Node.js 6.15.0: Debugger port 5858 listens on any interface by default: When the debugger is enabled with node --debug or node debug, it listens to port 5858 on all interfaces by default. This may allow remote computers to attach to the...

8.1CVSS8AI score0.04277EPSS
Exploits0Affected Software14
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•39 views

K47605350: MySQL vulnerability CVE-2016-5631

Security Advisory Description Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Memcached. CVE-2016-5631 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory...

4.9CVSS5.5AI score0.02471EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•39 views

K36784855: Apache Tomcat vulnerability CVE-2016-0762

Security Advisory Description The Realm implementations in Apache Tomcat versions 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 did not process the supplied password if the supplied user name did not exist. This made a timing attack possible to...

5.9CVSS6.6AI score0.07991EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•39 views

K04327352: Multiple MySQL data manipulation language vulnerabilities

Security Advisory Description CVE-2017-3634 Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: DML. Supported versions that are affected are 5.6.36 and earlier and 5.7.18 and earlier. Easily exploitable vulnerability allows low privileged attacker with network acces...

6.5CVSS6.2AI score0.03198EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:59 p.m.•39 views

K29814751: Intel AMT vulnerabilities CVE-2020-0537, CVE-2020-0538, and CVE-2020-0540

Security Advisory Description CVE-2020-0537 Improper input validation in subsystem for IntelR AMT versions before 11.8.77, 11.12.77, 11.22.77 and 12.0.64 may allow a privileged user to potentially enable denial of service via network access. CVE-2020-0538 Improper input validation in subsystem fo...

7.5CVSS5.8AI score0.0231EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:59 p.m.•39 views

K06015902: Intel AMT vulnerabilities CVE-2020-0531, CVE-2020-0532, and CVE-2020-0535

Security Advisory Description CVE-2020-0531 Improper input validation in IntelR AMT versions before 11.8.77, 11.12.77, 11.22.77 and 12.0.64 may allow an authenticated user to potentially enable information disclosure via network access. CVE-2020-0532 Improper input validation in subsystem for...

7.1CVSS5.9AI score0.01646EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:59 p.m.•39 views

K50112422: Linux kernel vulnerability CVE-2020-11884

Security Advisory Description In the Linux kernel through 5.6.7 on the s390 platform, code execution may occur because of a race condition, as demonstrated by code in enablesacfuaccess in arch/s390/lib/uaccess.c that fails to protect against a concurrent page table upgrade, aka CID-3f777e19d171. ...

7CVSS6.8AI score0.00397EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:59 p.m.•39 views

K51197241: ICU vulnerability CVE-2020-10531

Security Advisory Description An issue was discovered in International Components for Unicode ICU for C/C++ through 66.1. An integer overflow, leading to a heap-based buffer overflow, exists in the UnicodeString::doAppend function in common/unistr.cpp. CVE-2020-10531 Impact There is no impact; F5...

8.8CVSS8AI score0.02669EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:58 p.m.•39 views

K15551553: OpenSSL vulnerability CVE-2017-3730

Security Advisory Description In OpenSSL 1.1.0 before 1.1.0d, if a malicious server supplies bad parameters for a DHE or ECDHE key exchange then this can result in the client attempting to dereference a NULL pointer leading to a client crash. This could be exploited in a Denial of Service attack...

7.5CVSS7.5AI score0.55294EPSS
Exploits5
Total number of security vulnerabilities5000