Lucene search
K

6392 matches found

F5 Networks
F5 Networks
•added 2023/02/21 7:27 p.m.•31 views

K11503: BIND 9 vulnerability CVE-2009-0265

Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about F5's security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of F5...

7.5CVSS7.7AI score0.02474EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:26 p.m.•31 views

K41107914: iControl REST vulnerability CVE-2016-9251

Security Advisory Description In F5 BIG-IP 12.0.0 through 12.1.2, an authenticated attacker may be able to cause an escalation of privileges through a crafted iControl REST connection. CVE-2016-9251 Impact An authenticated attacker may be able to cause an escalation of privileges through a crafte...

8.8CVSS8.7AI score0.01514EPSS
Exploits0Affected Software10
F5 Networks
F5 Networks
•added 2023/02/21 7:26 p.m.•31 views

K70204455: Multiple MySQL vulnerabilities

Security Advisory Description CVE-2016-0640 Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier allows local users to affect integrity and availability via vectors related to DML. CVE-2016-0642 Unspecified vulnerability in Oracle MySQL 5.5.48 a...

6.1CVSS5.2AI score0.01802EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:25 p.m.•31 views

K2104: Buffer read overflow in DNS resolver libraries - CAN-2002-1146

Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...

5CVSS6.3AI score0.03279EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:6 p.m.•31 views

K15722: OpenSSL DTLS SRTP Memory Leak CVE-2014-3513

Security Advisory Description A flaw in the DTLS SRTP extension parsing code allows an attacker, who ends a carefully crafted handshake message, to cause OpenSSL to fail to free up to 64k of memory causing a memory leak. This could be exploited in a Denial of Service attack. This issue affects...

7.1CVSS7.3AI score0.37072EPSS
Exploits0Affected Software14
F5 Networks
F5 Networks
•added 2023/02/21 7:6 p.m.•31 views

K17524: NTP vulnerability CVE-2015-7854

Security Advisory Description Buffer overflow in the password management functionality in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to cause a denial of service daemon crash or possibly execute arbitrary code via a crafted key file. CVE-2015-7854 Impact...

8.8CVSS8.2AI score0.1456EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:4 p.m.•31 views

K16827: Apache Struts vulnerability CVE-2015-1831

Security Advisory Description Description Incorrect default exclude patterns were introduced in version 2.3.20 of Struts, if default settings are used, the attacker can compromise internal application's state. CVE-2015-1831 Impact There is no impact; F5 products are not affected by this...

7.5CVSS6.5AI score0.06312EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:3 p.m.•31 views

K15348: OpenSSL DTLS Buffer vulnerability CVE-2009-1387

Security Advisory Description The dtls1retrievebufferedfragment function in ssl/d1both.c in OpenSSL before 1.0.0 Beta 2 allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via an out-of-sequence DTLS handshake message, related to a "fragment bug."...

5CVSS7AI score0.10254EPSS
Exploits1Affected Software13
F5 Networks
F5 Networks
•added 2023/02/21 7:1 p.m.•31 views

K25719440: D-Bus vulnerability CVE-2019-12749

Security Advisory Description dbus before 1.10.28, 1.12.x before 1.12.16, and 1.13.x before 1.13.12, as used in DBusServer in Canonical Upstart in Ubuntu 14.04 and in some, less common, uses of dbus-daemon, allows cookie spoofing because of symlink mishandling in the reference implementation of...

7.1CVSS7.2AI score0.00555EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•31 views

K15480: PHP vulnerability CVE-2012-2688

Security Advisory Description Description Unspecified vulnerability in the phpstreamscandir function in the stream implementation in PHP before 5.3.15 and 5.4.x before 5.4.5 has unknown impact and remote attack vectors, related to an "overflow." CVE-2012-2688 Impact None. F5 products are not...

10CVSS9.3AI score0.10467EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•31 views

K10631282: Flip Feng Shui (FFS) vulnerability

Security Advisory Description Flip Feng Shui FFS a new exploitation vector that allows an attacker to induce bit flips over arbitrary physical memory in a fully controlled way. FFS relies on the following underlying primitives: The ability to induce bit flips in controlled but not predetermined...

6.5AI score
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•31 views

K64124988: TMM IPv6 stack vulnerability CVE-2022-29479

Security Advisory Description When an IPv6 self IP address is configured and the ipv6.strictcompliance database key is enabled disabled by default on a BIG-IP system, undisclosed packets may cause decreased performance.CVE-2022-29479 Impact This vulnerability allows an unauthenticated attacker to...

5.3CVSS5.7AI score0.00854EPSS
Exploits0Affected Software14
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•31 views

K49436091: MySQL vulnerabilities CVE-2018-2668, CVE-2018-2696, and CVE-2018-2703

Security Advisory Description CVE-2018-2668 Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Optimizer. Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacke...

7.8CVSS7.3AI score0.0452EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•31 views

K26430555: MySQL vulnerability CVE-2016-5625

Security Advisory Description Unspecified vulnerability in Oracle MySQL 5.7.14 and earlier allows local users to affect confidentiality, integrity, and availability via vectors related to Server: Packaging. CVE-2016-5625 Impact There is no impact; F5 products are not affected by this vulnerabilit...

7CVSS5.6AI score0.00399EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•31 views

K44873550: Apache Storm vulnerability CVE-2021-38294

Security Advisory Description A Command Injection vulnerability exists in the getTopologyHistory service of the Apache Storm 2.x prior to 2.2.1 and Apache Storm 1.x prior to 1.2.4. A specially crafted thrift request to the Nimbus server allows Remote Code Execution RCE prior to authentication...

9.8CVSS9.5AI score0.84489EPSS
Exploits4
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•31 views

K43815022: BIG-IP crypto driver vulnerability CVE-2020-5882

Security Advisory Description Under certain conditions, the Intel QuickAssist Technology QAT cryptography driver may produce a Traffic Management Microkernel TMM core file. CVE-2020-5882 Impact The BIG-IP system temporarily fails to process traffic as it recovers from TMM restarting, and systems...

7.5CVSS7.4AI score0.01044EPSS
Exploits0Affected Software13
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•31 views

K45432295: BIG-IP APM logging disclosure vulnerability CVE-2017-6139

Security Advisory Description Under rare conditions, the BIG-IP APM system appends log details when responding to client requests. Details in the log file can vary; customers running debug mode logging with BIG-IP APM are at highest risk. CVE-2017-6139 Impact A vulnerable BIG-IP APM system may...

5.9CVSS5.8AI score0.01699EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 6:59 p.m.•31 views

K35750231: TMM vulnerability CVE-2020-5878

Security Advisory Description Traffic Management Microkernel TMM may restart on BIG-IP Virtual Edition VE while processing unusual IP traffic. CVE-2020-5878 Impact The BIG-IP VE system may temporarily fail to process traffic as it recovers from a TMM restart. If the BIG-IP VE system is configured...

7.5CVSS7.4AI score0.01044EPSS
Exploits0Affected Software11
F5 Networks
F5 Networks
•added 2023/02/21 6:59 p.m.•31 views

K16342: GNU C Library (glibc) vulnerability CVE-2012-6656

Security Advisory Description iconvdata/ibm930.c in GNU C Library aka glibc before 2.16 allows context-dependent attackers to cause a denial of service out-of-bounds read via a multibyte character value of "0xffff" to the iconv function when converting IBM930 encoded data to UTF-8. CVE-2012-6656...

5CVSS8.6AI score0.03439EPSS
Exploits1Affected Software10
F5 Networks
F5 Networks
•added 2023/02/21 6:55 p.m.•31 views

K65355492: Apache vulnerability CVE-2018-5506

Security Advisory Description Apache modules apacheauthtokenmod and modauthf5authtoken.cpp allow possible unauthenticated bruteforce on the emserverip authorization parameter to obtain which SSL client certificates used for mutual authentication between BIG-IQ or Enterprise Manager EM and managed...

9.8CVSS9.5AI score0.0073EPSS
Exploits0Affected Software14
F5 Networks
F5 Networks
•added 2023/02/21 6:54 p.m.•31 views

K93174402: Apache Struts 2 vulnerability CVE-2016-3090

Security Advisory Description The TextParseUtil.translateVariables method in Apache Struts 2.x before 2.3.20 allows remote attackers to execute arbitrary code via a crafted OGNL expression with ANTLR tooling. CVE-2016-3090 Impact There is no impact; F5 products are not affected by this...

8.8CVSS8.9AI score0.05663EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:54 p.m.•31 views

K75432956: BIG-IP ASM vulnerability CVE-2018-5539

Security Advisory Description Under certain conditions, on F5 BIG-IP ASM 13.0.0-13.1.0.7, 12.1.0-12.1.3.5, 11.6.0-11.6.3.1, 11.5.1-11.5.6, or 11.2.1, when processing CSRF protections, the BIG-IP ASM bd process may restart and produce a core file. CVE-2018-5539 Impact BIG-IP The affected BIG-IP AS...

7.5CVSS7.5AI score0.01782EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:53 p.m.•31 views

K67317871: Python Pillow vulnerability CVE 2016-4009

Security Advisory Description Integer overflow in the ImagingResampleHorizontal function in libImaging/Resample.c in Pillow before 3.1.1 allows remote attackers to have unspecified impact via negative values of the new size, which triggers a heap-based buffer overflow. CVE-2016-4009 Impact There ...

10CVSS9.8AI score0.07871EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:53 p.m.•31 views

K05122252: Bash vulnerability CVE-2012-6711

Security Advisory Description A heap-based buffer overflow exists in GNU Bash before 4.3 when wide characters, not supported by the current locale set in the LCCTYPE environment variable, are printed through the echo built-in function. A local attacker, who can provide data to print through the...

7.8CVSS7.5AI score0.0051EPSS
Exploits0Affected Software14
F5 Networks
F5 Networks
•added 2023/02/21 6:53 p.m.•31 views

K24084759: Linux kernel vulnerability CVE-2018-9517

Security Advisory Description In pppol2tpconnect, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel...

7.2CVSS6.5AI score0.00424EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:53 p.m.•31 views

K92254835: Binutils vulnerability CVE-2018-12641

Security Advisory Description An issue was discovered in armpt in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there are recursive stack frames: demanglearmhptemplate, demangleclassname,...

5.5CVSS6.2AI score0.02077EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 6:53 p.m.•31 views

K45143221: BIG-IP AVRD vulnerability CVE-2020-27728

Security Advisory Description Under certain conditions, Analytics, Visibility, and Reporting daemon AVRD may generate a core file and restart on the BIG-IP system when processing requests sent from mobile devices. CVE-2020-27728 Impact This may allow an attacker to initiate a denial-of-service Do...

7.5CVSS7.3AI score0.01002EPSS
Exploits0Affected Software2
F5 Networks
F5 Networks
•added 2023/02/21 6:53 p.m.•31 views

K26351280: HTTP proxy client implementations vulnerability VU#905344

Security Advisory Description HTTP CONNECT requests and 407 Proxy Authentication Required messages are not integrity protected and are susceptible to man-in-the-middle attacks. WebKit-based applications are additionally vulnerable to arbitrary HTML markup and JavaScript execution in the context o...

6.8AI score
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:53 p.m.•31 views

K92307453: MySQL Server Replication vulnerabilities CVE-2017-3647 and CVE-2017-3649

Security Advisory Description CVE-2017-3647 Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Replication. Supported versions that are affected are 5.6.36 and earlier and 5.7.18 and earlier. Difficult to exploit vulnerability allows high privileged attacker with...

4.4CVSS4.6AI score0.02697EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:52 p.m.•31 views

K51182024: libxml2 2.7.8 vulnerability CVE-2010-4494

Security Advisory Description Double free vulnerability in libxml2 2.7.8 and other versions, as used in Google Chrome before 8.0.552.215 and other products, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling...

7.5CVSS7.9AI score0.07533EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 6:52 p.m.•31 views

K18535734: BIG-IP Secure Vault vulnerability CVE-2019-6609

Security Advisory Description This vulnerability impacts only the iSeries platforms. On these platforms, the secureKeyCapable attribute is not set, which causes the Secure Vault feature to not use F5 hardware support to store the unit key. Instead, the unit key is stored in plaintext on disk, as ...

9.8CVSS9.4AI score0.01458EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:52 p.m.•31 views

K85113405: Adobe Flash Player vulnerability CVE-2020-9746

Security Advisory Description Adobe Flash Player version 32.0.0.433 and earlier are affected by an exploitable NULL pointer dereference vulnerability that could result in a crash and arbitrary code execution. Exploitation of this issue requires an attacker to insert malicious strings in an HTTP...

9.3CVSS8.8AI score0.04427EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:52 p.m.•31 views

K27992001: MySQL vulnerabilities CVE-2018-2805, CVE-2018-2810, CVE-2018-2812, CVE-2018-2813, and CVE-2018-2816

Security Advisory Description CVE-2018-2805 Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: GIS Extension. Supported versions that are affected are 5.6.39 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocol...

6.5CVSS5.9AI score0.03051EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:52 p.m.•31 views

K16471: Linux kernel vulnerability CVE-2010-0415

Security Advisory Description The dopagesmove function in mm/migrate.c in the Linux kernel before 2.6.33-rc7 does not validate node values, which allows local users to read arbitrary kernel memory locations, cause a denial of service OOPS, and possibly have unspecified other impact by specifying ...

4.6CVSS7.3AI score0.01819EPSS
Exploits3Affected Software10
F5 Networks
F5 Networks
•added 2023/02/21 6:49 p.m.•31 views

K64343470: Linux kernel vulnerability CVE-2017-6874

Security Advisory Description Race condition in kernel/ucount.c in the Linux kernel through 4.10.2 allows local users to cause a denial of service use-after-free and system crash or possibly have unspecified other impact via crafted system calls that leverage certain decrement behavior that cause...

7CVSS6.3AI score0.00263EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:49 p.m.•31 views

K28312671: MySQL vulnerabilities CVE-2019-2683, CVE-2019-2685, CVE-2019-2686, CVE-2019-2687, and CVE-2019-2688

Security Advisory Description CVE-2019-2683 Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Options. Supported versions that are affected are 5.6.43 and prior, 5.7.25 and prior and 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker...

4.9CVSS5.1AI score0.02021EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:48 p.m.•31 views

K51743312: NTP vulnerability CVE-2018-7183

Security Advisory Description Buffer overflow in the decodearr function in ntpq in ntp 4.2.8p6 through 4.2.8p10 allows remote attackers to execute arbitrary code by leveraging an ntpq query and sending a response with a crafted array. CVE-2018-7183 Impact There is no impact; F5 products are not...

9.8CVSS8.1AI score0.10777EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:48 p.m.•31 views

K44691188: Intel TXE / SPS vulnerabilities CVE-2020-0566, CVE-2020-0586

Security Advisory Description CVE-2020-0566 Improper Access Control in subsystem for IntelR TXE versions before 3.175 and 4.0.25 may allow an unauthenticated user to potentially enable escalation of privilege via physical access. CVE-2020-0586 Improper initialization in subsystem for IntelR SPS...

7.8CVSS6.9AI score0.00452EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:47 p.m.•31 views

K12044607: TMM vulnerability CVE-2017-6132

Security Advisory Description In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and Websafe software version 13.0.0, 12.0.0 to 12.1.2, 11.6.0 to 11.6.1 and 11.5.0 - 11.5.4, an undisclosed sequence of packets sent to BIG-IP High Availability state mirror listeners...

7.5CVSS7.7AI score0.02537EPSS
Exploits0Affected Software11
F5 Networks
F5 Networks
•added 2023/02/21 6:47 p.m.•31 views

K85585101: Intel UEFI vulnerability CVE-2019-0119

Security Advisory Description Buffer overflow vulnerability in system firmware for IntelR XeonR Processor D Family, IntelR XeonR Scalable Processor, IntelR Server Board, IntelR Server System and IntelR Compute Module may allow a privileged user to potentially enable escalation of privilege and/or...

7.2CVSS6.8AI score0.00434EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 6:47 p.m.•31 views

K44200194: DNS TCP virtual server vulnerability CVE-2018-5501

Security Advisory Description In some circumstances TCP DNS profile allows excessive buffering due to lack of flow control. CVE-2018-5501 Impact The affected BIG-IP system may experience performance degradation or denial-of-service DoS in the worst-case scenario when the vulnerability is exploite...

5.9CVSS5.8AI score0.01358EPSS
Exploits0Affected Software13
F5 Networks
F5 Networks
•added 2023/02/21 6:47 p.m.•31 views

K47592780: BIG-IQ vulnerability CVE-2022-23009

Security Advisory Description An authenticated administrative role user on a BIG-IQ managed BIG-IP device can access other BIG-IP devices managed by the same BIG-IQ system. CVE-2022-23009 Impact An authenticated administrative role attacker can potentially gain access to all BIG-IP devices manage...

9CVSS7AI score0.01112EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 6:46 p.m.•31 views

K44462254: Reflected Cross-Site Scripting (XSS) vulnerability CVE-2018-15312

Security Advisory Description A reflected Cross-Site Scripting XSS vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to execute JavaScript in the context of the current logged-in user. CVE-2018-15312 Impact A remote unauthenticated attacker...

6.1CVSS6.1AI score0.00932EPSS
Exploits0Affected Software13
F5 Networks
F5 Networks
•added 2023/02/21 6:46 p.m.•31 views

K05300051: TMM SCTP vulnerability CVE-2021-23013

Security Advisory Description The Traffic Management Microkernel TMM may stop responding when processing Stream Control Transmission Protocol SCTP traffic under certain conditions. This vulnerability affects TMM by way of a virtual server configured with an SCTP profile. CVE-2021-23013 Impact...

7.5CVSS7.3AI score0.00861EPSS
Exploits0Affected Software13
F5 Networks
F5 Networks
•added 2023/02/21 6:46 p.m.•31 views

K13534168: GNU Binutils vulnerability CVE-2019-9070

Security Advisory Description An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. It is a heap-based buffer over-read in dexpression1 in cp-demangle.c after many recursive calls. CVE-2019-9070 Impact Successful exploitation of this vulnerability may lead to disclosure o...

7.8CVSS7.8AI score0.01802EPSS
Exploits1Affected Software14
F5 Networks
F5 Networks
•added 2023/02/21 6:46 p.m.•31 views

K00721320: BIG-IP AFM NAT64 policy vulnerability CVE-2022-41806

Security Advisory Description When a BIG-IP AFM Network Address Translation policy with IPv6/IPv4 translation rules is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization. CVE-2022-41806 Impact System performance can degrade until the TMM...

7.5CVSS7.5AI score0.00616EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 6:46 p.m.•31 views

K44472013: MySQL Server Optimizer vulnerability CVE-2022-21440

Security Advisory Description Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromis...

5.5CVSS5.3AI score0.01116EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:46 p.m.•31 views

K87659521: Appliance mode tmsh vulnerability CVE-2019-6615

Security Advisory Description On BIG-IP 14.0.0-14.1.0.1, 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6.3.4, and 11.5.2-11.5.8, Administrator and Resource Administrator roles might exploit TMSH access to bypass Appliance Mode restrictions on BIG-IP systems. CVE-2019-6615 Impact Attackers can gain...

4.9CVSS5.4AI score0.01113EPSS
Exploits0Affected Software13
F5 Networks
F5 Networks
•added 2023/02/21 6:45 p.m.•31 views

K43552605: Out-of-bounds memory vulnerability with the BIG-IP APM system CVE-2015-8098

Security Advisory Description An out-of-bounds memory vulnerability may allow an unauthenticated BIG-IP APM user to cause a denial-of-service DoS or possibly perform remote code execution on a BIG-IP system when a remote desktop profile is assigned to a virtual server. CVE-2015-8098. For example,...

10CVSS9.9AI score0.04704EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 6:44 p.m.•31 views

K16435: GNU C Library vulnerability CVE-2014-6040

Security Advisory Description GNU C Library aka glibc before 2.20 allows context-dependent attackers to cause a denial of service out-of-bounds read and crash via a multibyte character value of "0xffff" to the iconv function when converting 1 IBM933, 2 IBM935, 3 IBM937, 4 IBM939, or 5 IBM1364...

5CVSS8.6AI score0.06564EPSS
Exploits1Affected Software20
Total number of security vulnerabilities5000