Lucene search
K

6395 matches found

F5 Networks
F5 Networks
•added 2024/05/08 1:18 p.m.•33 views

K000138912: BIG-IP SSL vulnerability CVE-2024-28889

Security Advisory Description When an SSL profile with alert timeout is configured with a non-default value on a virtual server, undisclosed traffic along with conditions beyond the attacker's control can cause the Traffic Management Microkernel TMM to terminate. CVE-2024-28889 Impact Traffic is...

5.9CVSS7.1AI score0.00443EPSS
Exploits0Affected Software12
F5 Networks
F5 Networks
•added 2024/05/08 1:14 p.m.•33 views

K000138898: BIG-IP Advanced WAF/ASM, BIG-IP Next WAF, and NGINX App Protect WAF attack signature check failure

Security Advisory Description BIG-IP Advanced WAF/ASM, BIG-IP Next WAF, or NGINX App Protect WAF may fail to match an attack signature. This issue occurs when all of the following conditions are met: The affected security policy has a large number of attack signatures enabled for example, all or...

7AI score
Exploits0
F5 Networks
F5 Networks
•added 2024/02/14 1:52 p.m.•33 views

K000137270: BIG-IP Advanced WAF and BIG-IP ASM vulnerability CVE-2024-21789

Security Advisory Description When a BIG-IP Advanced WAF/ASM security policy is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization. CVE-2024-21789 Impact System performance can degrade until the bd process is either forced to restart or is...

7.5CVSS7.6AI score0.00515EPSS
Exploits0Affected Software2
F5 Networks
F5 Networks
•added 2024/02/14 1:45 p.m.•33 views

K000137886: BIG-IP Next CNF vulnerability CVE-2024-23306

Security Advisory Description A vulnerability exists in BIG-IP Next CNF systems that may allow access to undisclosed sensitive files. CVE-2024-23306 Impact An authenticated attacker may be able to modify or remove undisclosed configuration files causing a loss of confidentiality and integrity. Th...

7.1CVSS4.9AI score0.00153EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2024/02/14 1:32 p.m.•33 views

K000137416: BIG-IP Advanced WAF and BIG-IP ASM vulnerability CVE-2024-23308

Security Advisory Description When a BIG-IP Advanced WAF or BIG-IP ASM policy with a Request Body Handling option is attached to a virtual server, undisclosed requests can cause the BD process to terminate. The condition results from setting the Request Body Handling option in the Header-Based...

7.5CVSS7.6AI score0.00515EPSS
Exploits0Affected Software2
F5 Networks
F5 Networks
•added 2024/01/13 12:6 a.m.•33 views

K000138219: libssh2 vulnerability CVE-2020-22218

Security Advisory Description An issue was discovered in function libssh2packetadd in libssh2 1.10.0 allows attackers to access out of bounds memory. CVE-2020-22218 Impact An attacker may be able to cause disclosure of information from process memory. Security Advisory Status F5 Product Developme...

7.5CVSS7AI score0.00914EPSS
Exploits0Affected Software15
F5 Networks
F5 Networks
•added 2023/11/16 11:18 p.m.•33 views

K000137612: Oracle Java SE vulnerability CVE-2023-22025

Security Advisory Description Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition, product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u381-perf, 17.0.8, 21; Oracle GraalVM for JDK: 17.0.8, 21; Oracle...

3.7CVSS3.4AI score0.00883EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/10/11 5:7 p.m.•33 views

K000137201: Intel BIOS vulnerability CVE-2022-37343

Security Advisory Description Improper access control in the BIOS firmware for some IntelR Processors may allow a privileged user to potentially enable escalation of privilege via local access. CVE-2022-37343 Impact This vulnerability may allow a privileged user to potentially enable escalation o...

7.2CVSS6.6AI score0.00157EPSS
Exploits0Affected Software3
F5 Networks
F5 Networks
•added 2023/10/10 10:6 a.m.•33 views

K20850144: BIG-IP and BIG-IQ DB variable vulnerability CVE-2023-41964

Security Advisory Description The BIG-IP and BIG-IQ systems do not encrypt the values of two Database DB variables, a password used for a proxy server connection and a RADIUS/TACACS+ shared secret. CVE-2023-41964 Impact An authenticated attacker may be able to gain access to privileged informatio...

6.5CVSS6.9AI score0.00244EPSS
Exploits0Affected Software13
F5 Networks
F5 Networks
•added 2023/10/03 4:39 p.m.•33 views

K000137105: libvpx vulnerability CVE-2023-5217

Security Advisory Description Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High CVE-2023-5217 Impact There is no impac...

8.8CVSS7.9AI score0.49013EPSS
Exploits3
F5 Networks
F5 Networks
•added 2023/09/22 6:12 p.m.•33 views

K000136957: Apache struts vulnerability CVE-2023-41835

Security Advisory Description When a Multipart request is performed but some of the fields exceed the maxStringLength limit, the upload files will remain in struts.multipart.saveDir even if the request has been denied. Users are recommended to upgrade to versions Struts 2.5.32 or 6.1.2.2 or Strut...

7.5CVSS7.4AI score0.06286EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/08/11 10:31 p.m.•33 views

K000135831: Node.js vulnerability CVE-2023-32067

Security Advisory Description c-ares is an asynchronous resolver library. c-ares is vulnerable to denial of service. If a target resolver sends a query, the attacker forges a malformed UDP packet with a length of 0 and returns them to the target resolver. The target resolver erroneously interpret...

7.5CVSS6.6AI score0.01577EPSS
Exploits0Affected Software16
F5 Networks
F5 Networks
•added 2023/07/27 7:6 p.m.•33 views

K000135635: Java vulnerability CVE-2023-22044

Security Advisory Description Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u371-perf, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 21.3.6...

3.7CVSS3.3AI score0.01127EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/07/27 6:54 a.m.•33 views

K000135627: Oracle MySQL vulnerability CVE-2023-22057

Security Advisory Description Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Replication. Supported versions that are affected are 8.0.33 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to...

4.9CVSS5.1AI score0.01199EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/07/26 11:40 p.m.•33 views

K000135621: VMware Tools vulnerability CVE-2023-20867

Security Advisory Description A fully compromised ESXi host can force VMware Tools to fail to authenticate host-to-guest operations, impacting the confidentiality and integrity of the guest virtual machine. CVE-2023-20867 Impact There is no impact; F5 products are not affected by this...

3.9CVSS5.4AI score0.13638EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/07/17 7:56 a.m.•33 views

K000135507: Java vulnerabilities CVE-2020-14781

Security Advisory Description ​​​​​​Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: JNDI. Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker...

4.3CVSS5.5AI score0.02296EPSS
Exploits0Affected Software2
F5 Networks
F5 Networks
•added 2023/06/30 1:29 p.m.•33 views

K000135330: Multiple Nucleus TCP/IP stack vulnerabilities

Security Advisory Description CVE-2021-31889 A vulnerability has been identified in APOGEE MBC PPC BACnet All versions, APOGEE MBC PPC P2 Ethernet All versions, APOGEE MEC PPC BACnet All versions, APOGEE MEC PPC P2 Ethernet All versions, APOGEE PXC Compact BACnet All versions = V2.3 and = V2.3 an...

9.1CVSS8.7AI score0.02371EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/05/25 5:25 p.m.•33 views

K000134793: OpenJDK vulnerability CVE-2018-2952

Security Advisory Description Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Concurrency. Supported versions that are affected are Java SE: 6u191, 7u181, 8u172 and 10.0.1; Java SE Embedded: 8u171; JRockit: R28.3.18. Difficult to exploit...

4.3CVSS5.8AI score0.04184EPSS
Exploits0Affected Software14
F5 Networks
F5 Networks
•added 2023/05/23 5:26 p.m.•33 views

K000134744: Intel BIOS vulnerability CVE-2022-38087

Security Advisory Description Exposure of resource to wrong sphere in BIOS firmware for some IntelR Processors may allow a privileged user to potentially enable information disclosure via local access. CVE-2022-38087 Impact A privileged user may be able to enable information disclosure via local...

5.5CVSS4.9AI score0.00183EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/05/22 11:36 p.m.•33 views

K000134735: Intel BIOS vulnerability CVE-2022-33894

Security Advisory Description Improper input validation in the BIOS firmware for some IntelR Processors may allow a privileged user to potentially enable escalation of privilege via local access. CVE-2022-33894 Impact There is no impact; F5 products are not affected by this vulnerability. Securit...

7.8CVSS7.5AI score0.00247EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/05/18 8:39 p.m.•33 views

K000134670: Linux kernel vulnerability CVE-2022-2964

Security Advisory Description A flaw was found in the Linux kernel's driver for the ASIX AX88179178A-based USB 2.0/3.0 Gigabit Ethernet Devices. The vulnerability contains multiple out-of-bounds reads and possible out-of-bounds writes. CVE-2022-2964 Impact There is no impact; F5 products are not...

7.8CVSS6.4AI score0.00296EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/04/21 11:13 p.m.•33 views

K000133616: Node.js vulnerability CVE-2023-23919

Security Advisory Description A cryptographic vulnerability exists in Node.js 19.2.0, 18.14.1, 16.19.1, 14.21.3 that in some cases did does not clear the OpenSSL error stack after operations that may set it. This may lead to false positive errors during subsequent cryptographic operations that...

7.5CVSS6.6AI score0.02209EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 8:2 p.m.•33 views

K29280193: BIG-IP Configuration utility vulnerability CVE-2019-6597

Security Advisory Description When authenticated administrative users run commands in the Traffic Management User Interface TMUI, also referred to as the BIG-IP Configuration utility, restrictions on allowed commands may not be enforced. CVE-2019-6597 Impact BIG-IP and Enterprise Manager This...

7.2CVSS7.3AI score0.01274EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 8:2 p.m.•33 views

K49440608: TMOS vulnerability CVE-2018-5509

Security Advisory Description When a specifically configured virtual server receives traffic of an undisclosed nature, the Traffic Management Microkernel TMM will crash and take the configured failover action, potentially causing a denial of service. The configuration that exposes this issue is n...

7.8CVSS7.5AI score0.02866EPSS
Exploits0Affected Software8
F5 Networks
F5 Networks
•added 2023/02/21 8:2 p.m.•33 views

K55129614: tcpdump vulnerabilities CVE-2016-7975, CVE-2016-7986, and CVE-2017-5341

Security Advisory Description CVE-2016-7975 The TCP parser in tcpdump before 4.9.0 has a buffer overflow in print-tcp.c:tcpprint. CVE-2016-7986 The GeoNetworking parser in tcpdump before 4.9.0 has a buffer overflow in print-geonet.c, multiple functions. CVE-2017-5341 The OTV parser in tcpdump...

9.8CVSS8.7AI score0.05333EPSS
Exploits0Affected Software21
F5 Networks
F5 Networks
•added 2023/02/21 8:1 p.m.•33 views

K15401: OpenSSL vulnerability CVE-2012-2333

Security Advisory Description Integer underflow in OpenSSL before 0.9.8x, 1.0.0 before 1.0.0j, and 1.0.1 before 1.0.1c, when TLS 1.1, TLS 1.2, or DTLS is used with CBC encryption, allows remote attackers to cause a denial of service buffer over-read or possibly have unspecified other impact via a...

6.8CVSS9AI score0.28154EPSS
Exploits0Affected Software12
F5 Networks
F5 Networks
•added 2023/02/21 7:59 p.m.•33 views

K13053402: TMM vulnerability CVE-2016-7468

Security Advisory Description An unauthenticated remote attacker may be able to disrupt services on F5 BIG-IP 11.4.1 - 11.5.4 devices with maliciously crafted network traffic. This vulnerability affects virtual servers associated with TCP profiles when the BIG-IP system's tm.tcpprogressive db...

5.9CVSS6.7AI score0.01766EPSS
Exploits0Affected Software10
F5 Networks
F5 Networks
•added 2023/02/21 7:59 p.m.•33 views

K30446705: GnuTLS vulnerability CVE-2020-13777

Security Advisory Description GnuTLS 3.6.x before 3.6.14 uses incorrect cryptography for encrypting a session ticket a loss of confidentiality in TLS 1.2, and an authentication bypass in TLS 1.3. The earliest affected version is 3.6.4 2018-09-24 because of an error in a 2018-09-18 commit. Until t...

7.4CVSS7.6AI score0.17507EPSS
Exploits3
F5 Networks
F5 Networks
•added 2023/02/21 7:59 p.m.•33 views

K14712: The BIG-IP APM access policy logout page may be vulnerable to XSS cookie tampering CVE-2013-5976

Security Advisory Description Description The BIG-IP APM access policy logout page may be vulnerable to cross-site scripting XSS. Impact XSS protection in the BIG-IP APM access policy logout page may be insufficient. Security Advisory Status F5 Product Development tracked this vulnerability as ID...

6.2AI score
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 7:59 p.m.•33 views

K54562183: BIG-IP PEM vulnerability CVE-2018-5503

Security Advisory Description TMM may restart when processing a specifically crafted page through a virtual server with an associated PEM policy that has content insertion as an action. CVE-2018-5503 Impact An attacker may be able to cause a remote denial of service DoS. Security Advisory Status ...

7.5CVSS7.6AI score0.01776EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 7:58 p.m.•34 views

K15155: OpenSSH vulnerability CVE-2007-3102

Security Advisory Description Unspecified vulnerability in the linuxauditrecordevent function in OpenSSH 4.3p2, as used on Fedora Core 6 and possibly other systems, allows remote attackers to write arbitrary characters to an audit log via a crafted username. CVE-2007-3102 Impact None. F5 products...

4.3CVSS6.6AI score0.02342EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:58 p.m.•33 views

K65397301: iRules RESOLVER::summarize memory leak vulnerability CVE-2021-23049

Security Advisory Description When the iRules RESOLVER::summarize command is used on a virtual server, undisclosed requests can cause an increase in Traffic Management Microkernel TMM memory utilization resulting in an out-of-memory condition and a denial-of-service DoS. CVE-2021-23049 Impact...

7.5CVSS7.5AI score0.00961EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 7:58 p.m.•33 views

K58935003: F5 Container Connector vulnerability CVE-2018-5543

Security Advisory Description The F5 BIG-IP Controller for Kubernetes k8s-bigip-crtl passes BIG-IP username and password as command line parameters, which may lead to disclosure of the credentials used by the container. CVE-2018-5543 Impact F5 BIG-IP Controller for Kubernetes This vulnerability...

8.8CVSS8.9AI score0.01245EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:58 p.m.•33 views

K88474783: BIG-IP DoS profile vulnerability CVE-2020-5879

Security Advisory Description Under certain configurations, the BIG-IP system sends data plane traffic to back-end servers unencrypted, even when a Server SSL profile is applied. CVE-2020-5879 Impact The affected system sends some requests to the back-end server without encryption, possibly leaki...

7.5CVSS7.5AI score0.00792EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 7:57 p.m.•33 views

K17119: MySQL vulnerability CVE-2015-2576

Security Advisory Description Unspecified vulnerability in the MySQL Utilities component in Oracle MySQL 1.5.1 and earlier, when running on Windows, allows local users to affect integrity via unknown vectors related to Installation. CVE-2015-2576 Impact There is no impact; F5 products are not...

2.1CVSS3.6AI score0.00438EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:57 p.m.•33 views

K13434228: Apache Struts vulnerability CVE-2012-0392

Security Advisory Description The CookieInterceptor component in Apache Struts before 2.3.1.1 does not use the parameter-name whitelist, which allows remote attackers to execute arbitrary commands via a crafted HTTP Cookie header that triggers Java code execution through a static method...

6.8CVSS9.5AI score0.96787EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 7:56 p.m.•33 views

K19916307: glibc vulnerability CVE-2015-1473

Security Advisory Description The ADDW macro in stdio-common/vfscanf.c in the GNU C Library aka glibc or libc6 before 2.21 does not properly consider data-type size during a risk-management decision for use of the alloca function, which might allow context-dependent attackers to cause a denial of...

6.4CVSS7.4AI score0.02129EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:56 p.m.•33 views

K12936322: BIG-IP restjavad vulnerability CVE-2020-5912

Security Advisory Description The restjavad process dump command does not follow current best coding practices and may overwrite arbitrary files. CVE-2020-5912 Impact A locally authenticated attacker may exploit this vulnerability by overwriting arbitrary files on the file system. Security Adviso...

7.1CVSS6.9AI score0.00321EPSS
Exploits0Affected Software14
F5 Networks
F5 Networks
•added 2023/02/21 7:56 p.m.•33 views

K03512441: ImageMagick vulnerability CVE-2019-13136

Security Advisory Description ImageMagick before 7.0.8-50 has an integer overflow vulnerability in the function TIFFSeekCustomStream in coders/tiff.c. CVE-2019-13136 Impact BIG-IP AAM, Edge Gateway, WebAccelerator This issue affects BIG-IP systems only when WAM or AAM is provisioned. If exploited...

7.8CVSS7.4AI score0.01457EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 7:56 p.m.•33 views

K01993501: Linux kernel vulnerability CVE-2016-10906

Security Advisory Description An issue was discovered in drivers/net/ethernet/arc/emacmain.c in the Linux kernel before 4.5. A use-after-free is caused by a race condition between the functions arcemactx and arcemactxclean. CVE-2016-10906 Impact There is no impact; F5 products are not affected by...

7CVSS6.3AI score0.0037EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:56 p.m.•33 views

K18491258: Cluster component of Oracle MySQL vulnerabilities CVE-2016-5541, CVE-2017-3321, CVE-2017-3322, and CVE-2017-3323

Security Advisory Description CVE-2016-5541 Vulnerability in the MySQL Cluster component of Oracle MySQL subcomponent: Cluster: NDBAPI. Supported versions that are affected are 7.2.26 and earlier, 7.3.14 and earlier and 7.4.12 and earlier. Difficult to exploit vulnerability allows unauthenticated...

5.8CVSS3.5AI score0.04983EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:56 p.m.•33 views

K03814795: Linux kernel vulnerability CVE-2019-16089

Security Advisory Description An issue was discovered in the Linux kernel through 5.2.13. nbdgenlstatus in drivers/block/nbd.c does not check the nlaneststartnoflag return value. CVE-2019-16089. Impact This vulnerability may allow a local user to perform a denial-of-service DoS attack. Security...

4.7CVSS6.4AI score0.00387EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 7:56 p.m.•33 views

K61643620: BIG-IP TMUI XSS vulnerability CVE-2021-23038

Security Advisory Description A stored cross-site scripting XSS vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to execute JavaScript in the context of the currently logged-in user. CVE-2021-23038 Impact An authenticated attacker may exploit...

9CVSS7.5AI score0.00916EPSS
Exploits0Affected Software13
F5 Networks
F5 Networks
•added 2023/02/21 7:55 p.m.•33 views

K23720587: Apache Solr vulnerability CVE-2019-12409

Security Advisory Description The 8.1.1 and 8.2.0 releases of Apache Solr contain an insecure setting for the ENABLEREMOTEJMXOPTS configuration option in the default solr.in.sh configuration file shipping with Solr. If you use the default solr.in.sh file from the affected releases, then JMX...

9.8CVSS9.4AI score0.21866EPSS
Exploits4
F5 Networks
F5 Networks
•added 2023/02/21 7:55 p.m.•33 views

K67190282: MySQL X plugin vulnerabilities CVE-2017-3637 and CVE-2017-3646

Security Advisory Description CVE-2017-3637 Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: X Plugin. Supported versions that are affected are 5.7.18 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols...

5.3CVSS5AI score0.0245EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:55 p.m.•33 views

K31833420: Multiple Oracle Java SE vulnerabilities

Security Advisory Description CVE-2022-21305 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.01; Oracle GraalVM Enterprise Edition: 20.3.4 and...

5.3CVSS4.7AI score0.07748EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:55 p.m.•33 views

K48209417: PostgreSQL vulnerabilities CVE-2018-10915 and CVE-2018-10925

Security Advisory Description CVE-2018-10915 A vulnerability was found in libpq, the default PostgreSQL client library where libpq failed to properly reset its internal state between connections. If an affected version of libpq was used with "host" or "hostaddr" connection parameters from untrust...

8.5CVSS8.1AI score0.05154EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:53 p.m.•33 views

K25033460: TMM vulnerability CVE-2017-6133

Security Advisory Description In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM and WebSafe software version 13.0.0 and 12.1.0 - 12.1.2, undisclosed HTTP requests may cause a denial of service. CVE-2017-6133 Impact The Traffic Management Microkernel TMM generates a core...

7.8CVSS7.6AI score0.0236EPSS
Exploits0Affected Software10
F5 Networks
F5 Networks
•added 2023/02/21 7:53 p.m.•33 views

K16781: Linux kernel vulnerability CVE-2014-3535

Security Advisory Description Description include/linux/netdevice.h in the Linux kernel before 2.6.36 incorrectly uses macros for netdevprintk and its related logging implementation, which allows remote attackers to cause a denial of service NULL pointer dereference and system crash by sending...

7.8CVSS7.8AI score0.0415EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 7:53 p.m.•33 views

K15931: Unbound vulnerability CVE-2014-8602

Security Advisory Description iterator.c in NLnet Labs Unbound before 1.5.1 does not limit delegation chaining, which allows remote attackers to cause a denial of service memory and CPU consumption via a large or infinite number of referrals. CVE-2014-8602 Impact An attacker with a properly...

4.3CVSS6.5AI score0.25205EPSS
Exploits0Affected Software1
Total number of security vulnerabilities5000