Lucene search
K

6392 matches found

F5 Networks
F5 Networks
•added 2026/06/04 6:40 a.m.•29 views

K000161576: Linux kernel vulnerabilities CVE-2025-39841 and CVE-2025-39727

Security Advisory Description CVE-2025-39841 In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix buffer free/clear order in deferred receive path Fix a use-after-free window by correcting the buffer release sequence in the deferred receive path. The code freed the ...

7.8CVSS6.8AI score0.00167EPSS
Exploits0
F5 Networks
F5 Networks
•added 2025/09/29 9:38 p.m.•29 views

K000156685: Multiple ImageMagick vulnerabilities

Security Advisory Description CVE-2014-9808 ImageMagick allows remote attackers to cause a denial of service segmentation fault and application crash via a crafted dpc image. CVE-2014-9809 ImageMagick allows remote attackers to cause a denial of service segmentation fault and application crash vi...

7.8CVSS7.5AI score0.01625EPSS
Exploits0
F5 Networks
F5 Networks
•added 2025/03/24 12:13 a.m.•29 views

K000150505: LuaJIT vulnerabilities CVE-2019-19391, CVE-2020-15890, CVE-2020-24372

Security Advisory Description CVE-2019-19391 In LuaJIT through 2.0.5, as used in Moonjit before 2.1.2 and other products, debug.getinfo has a type confusion issue that leads to arbitrary memory write or read operations, because certain cases involving valid stack levels and options are mishandled...

9.1CVSS6.9AI score0.02862EPSS
Exploits2
F5 Networks
F5 Networks
•added 2025/03/14 10:42 p.m.•29 views

K000150394: Intel QuickAssist Technology vulnerabilities CVE-2024-29223, CVE-2023-32277, CVE-2024-31153, and CVE-2024-31858

Security Advisory Description CVE-2024-29223 Uncontrolled search path for some IntelR QuickAssist Technology software before version 2.2.0 may allow an authenticated user to potentially enable escalation of privilege via local access. CVE-2023-32277 Untrusted Pointer Dereference in I/O subsystem...

7.8CVSS6.5AI score0.00238EPSS
Exploits0
F5 Networks
F5 Networks
•added 2025/02/28 7:47 p.m.•29 views

K000150185: TCP/IP protocol vulnerabilities CVE-2024-7595, CVE-2024-7596, CVE-2025-23018, and CVE-2025-23019

Security Advisory Description CVE-2024-7595 GRE and GRE6 Protocols RFC2784 do not validate or verify the source of a network packet allowing an attacker to spoof and route arbitrary traffic via an exposed network interface that can lead to spoofing, access control bypass, and other unexpected...

6.5CVSS5.6AI score0.01552EPSS
Exploits0
F5 Networks
F5 Networks
•added 2024/11/26 2:7 a.m.•29 views

K000148713: libssh2 vulnerabilities CVE-2019-3858 and CVE-2019-3862

Security Advisory Description CVE-2019-3858 An out of bounds read flaw was discovered in libssh2 before 1.8.1 when a specially crafted SFTP packet is received from the server. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory...

9.1CVSS7.5AI score0.08114EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2024/11/12 5:28 p.m.•29 views

K000148511: WebKitGTK and WPE WebKit vulnerability CVE-2023-42950

Security Advisory Description A use after free issue was addressed with improved memory management. This issue is fixed in Safari 17.2, iOS 17.2 and iPadOS 17.2, tvOS 17.2, watchOS 10.2, macOS Sonoma 14.2. Processing maliciously crafted web content may lead to arbitrary code execution...

8.8CVSS7.3AI score0.01069EPSS
Exploits0
F5 Networks
F5 Networks
•added 2024/11/11 2:38 p.m.•29 views

K000148485: qt vulnerabilities CVE-2017-10905 and CVE-2014-0190

Security Advisory Description CVE-2017-10905 A vulnerability in applications created using Qt for Android prior to 5.9.3 allows attackers to alter environment variables via unspecified vectors. CVE-2014-0190 The GIF decoder in QtGui in Qt before 5.3 allows remote attackers to cause a denial of...

6.8CVSS5.5AI score0.03957EPSS
Exploits0
F5 Networks
F5 Networks
•added 2024/10/30 11:21 p.m.•29 views

K000148343: Diffie-Hellman key exchange protocol vulnerability CVE-2024-41996

Security Advisory Description Validating the order of the public keys in the Diffie-Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers from the client side to trigger unnecessarily expensive server-side DHE modular-exponentiation calculations. The client...

7.5CVSS7.6AI score0.01083EPSS
Exploits0Affected Software16
F5 Networks
F5 Networks
•added 2024/10/28 8:45 p.m.•29 views

K000148290: Moment.JS vulnerabilities CVE-2017-18214 and CVE-2022-24785

Security Advisory Description CVE-2017-18214 The moment module before 2.19.3 for Node.js is prone to a regular expression denial of service via a crafted date string, a different vulnerability than CVE-2016-4055. CVE-2022-24785 Moment.js is a JavaScript date library for parsing, validating,...

7.5CVSS6.4AI score0.05664EPSS
Exploits0
F5 Networks
F5 Networks
•added 2024/10/21 12:22 a.m.•29 views

K000141528: glibc vulnerability CVE-2024-33600

Security Advisory Description nscd: Null pointer crashes after notfound response If the Name Service Cache Daemon's nscd cache fails to add a not-found netgroup response to the cache, the client request can result in a null pointer dereference. This flaw was introduced in glibc 2.15 when the cach...

5.9CVSS6.7AI score0.01216EPSS
Exploits0
F5 Networks
F5 Networks
•added 2024/10/07 4:47 a.m.•29 views

K000141358: Multiple libpng vulnerabilities

Security Advisory Description CVE-2016-3751 Unspecified vulnerability in libpng before 1.6.20, as used in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01, allows attackers to gain privileges via a crafted application, as demonstrated by obtaining...

10CVSS8.4AI score0.04692EPSS
Exploits3
F5 Networks
F5 Networks
•added 2024/09/05 9:33 p.m.•29 views

K000140953: libarchive vulnerability CVE-2023-30571

Security Advisory Description Libarchive through 3.6.2 can cause directories to have world-writable permissions. The umask call inside archivewritediskposix.c changes the umask of the whole process for a very short period of time; a race condition with another thread can lead to a permanent umask...

5.3CVSS5.2AI score0.00192EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2024/08/19 4:4 p.m.•29 views

K000140742: MySQL vulnerability CVE-2024-21179

Security Advisory Description Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.37 and prior and 8.4.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to...

4.9CVSS5.2AI score0.00682EPSS
Exploits0
F5 Networks
F5 Networks
•added 2024/08/14 1:21 p.m.•29 views

K000139938: BIG-IP Next Central Manager vulnerability CVE-2024-37028

Security Advisory Description BIG-IP Next Central Manager may allow an attacker to lock out an account that has never been logged in. CVE-2024-37028 Impact An unauthenticated attacker can exploit this vulnerability to lock out a BIG-IP Next Central Manager webUI account that has never been logged...

6.3CVSS6.8AI score0.00448EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2024/08/14 1:13 p.m.•29 views

K000140006: BIG-IP Next Central Manager vulnerability CVE-2024-41719

Security Advisory Description When you generate a QKView file of a BIG-IP Next instance from the BIG-IP Next Central Manager, F5 iHealth credentials are logged in the BIG-IP Central Manager log file. CVE-2024-41719 Impact The F5 iHealth credentials entered on the BIG-IP Next Central Manager to...

5.5CVSS6.6AI score0.00154EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2024/05/16 6:54 a.m.•29 views

K000139646: MySQL Server vulnerabilities CVE-2024-21052 and CVE-2024-21053

Security Advisory Description Vulnerability in the MySQL Server product of Oracle MySQL component: Server: DML. Supported versions that are affected are 8.0.34 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQ...

4.9CVSS5.1AI score0.00962EPSS
Exploits0
F5 Networks
F5 Networks
•added 2024/05/08 12:55 p.m.•29 views

K000139217: BIG-IP TMM tenants on VELOS and rSeries vulnerability CVE-2024-32761

Security Advisory Description Under certain conditions, a data leak may occur in the Traffic Management Microkernels TMMs of BIG-IP tenants running on VELOS and rSeries platforms. This leak occurs randomly and cannot be deliberately triggered. If it occurs, it may leak up to 64 bytes of...

6.5CVSS5.6AI score0.00465EPSS
Exploits0Affected Software12
F5 Networks
F5 Networks
•added 2024/04/09 11:15 a.m.•29 views

K000139229: Tempesta vulnerability CVE-2024-2758

Security Advisory Description Tempesta FW rate limits are not enabled by default. They are either set too large to capture empty CONTINUATION frames attacks or too small to handle normal HTTP requests appropriately. CVE-2024-2758 Impact There is no impact; F5 products are not affected by this...

6.3CVSS8.2AI score0.7275EPSS
Exploits0
F5 Networks
F5 Networks
•added 2024/02/14 2:0 p.m.•29 views

K91054692: BIG-IP Appliance mode iAppsLX vulnerability CVE-2024-23976

Security Advisory Description When running in Appliance mode, an authenticated attacker assigned the Administrator role may be able to bypass Appliance mode restrictions utilizing iAppsLX templates on a BIG-IP system. CVE-2024-23976 Impact An authenticated attacker with local system access and th...

6CVSS6AI score0.00167EPSS
Exploits0Affected Software12
F5 Networks
F5 Networks
•added 2023/12/27 6:19 a.m.•29 views

K000138050: Apache Tomcat vulnerability CVE-2023-41081

Security Advisory Description Important: Authentication Bypass CVE-2023-41081 The modjk component of Apache Tomcat Connectors in some circumstances, such as when a configuration included "JkOptions +ForwardDirectories" but the configuration did not provide explicit mounts for all possible proxied...

7.5CVSS7.3AI score0.01257EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/12/05 6:33 p.m.•29 views

K000137798: Dbus Subscription Manager vulnerability CVE-2023-3899

Security Advisory Description A vulnerability was found in subscription-manager that allows local privilege escalation due to inadequate authorization. The D-Bus interface com.redhat.RHSM1 exposes a significant number of methods to all users that could change the state of the registration. By usi...

7.8CVSS8.3AI score0.00253EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/07/27 5:33 p.m.•29 views

K000135633: OpenSSL vulnerability CVE-2023-2975

Security Advisory Description Issue summary: The AES-SIV cipher implementation contains a bug that causes it to ignore empty associated data entries which are unauthenticated as a consequence. Impact summary: Applications that use the AES-SIV algorithm and want to authenticate empty data entries ...

5.3CVSS7.2AI score0.00525EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/07/17 12:30 a.m.•29 views

K000135504: BIND vulnerability CVE-2023-2911

Security Advisory Description If the recursive-clients quota is reached on a BIND 9 resolver configured with both stale-answer-enable yes; and stale-answer-client-timeout 0;, a sequence of serve-stale-related lookups could cause named to loop and terminate unexpectedly due to a stack overflow. Th...

7.5CVSS8.2AI score0.02575EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/06/21 3:25 p.m.•29 views

K000135149: Oracle Java SE vulnerability CVE-2023-21938

Security Advisory Description Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 a...

3.7CVSS4.8AI score0.01208EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/05/18 8:49 p.m.•29 views

K000134671: Paramiko vulnerability CVE-2018-1000805

Security Advisory Description Paramiko version 2.4.1, 2.3.2, 2.2.3, 2.1.5, 2.0.8, 1.18.5, 1.17.6 contains a Incorrect Access Control vulnerability in SSH server that can result in RCE. This attack appear to be exploitable via network connectivity. CVE-2018-1000805 Impact There is no impact; F5...

8.8CVSS8.4AI score0.04407EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/05/15 11:14 p.m.•29 views

K000134616: Intel i915 Graphics Drivers for Linux vulnerability CVE-2023-28410

Security Advisory Description Improper restriction of operations within the bounds of a memory buffer in some IntelR i915 Graphics drivers for linux before kernel version 6.2.10 may allow an authenticated user to potentially enable escalation of privilege via local access. CVE-2023-28410 Impact...

8.8CVSS6.1AI score0.00262EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/04/25 9:32 a.m.•29 views

K000133656: Oracle Java vulnerability CVE-2023-21954

Security Advisory Description Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and...

5.9CVSS5.6AI score0.01421EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 8:2 p.m.•29 views

K50254952: BIG-IP Configuration utility vulnerability CVE-2018-5523

Security Advisory Description When authenticated administrative users run commands in the Traffic Management User Interface TMUI, also referred to as the BIG-IP Configuration utility, restrictions on allowed commands may not be enforced. CVE-2018-5523 Impact BIG-IP and Enterprise Manager This...

7.2CVSS7.2AI score0.02263EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 8:2 p.m.•29 views

K23024812: BIG-IP APM vulnerability CVE-2018-5544

Security Advisory Description When the BIG-IP APM system renders certain pages with a logon agent or a confirm box, the system may disclose configuration information such as partition and agent names via URI parameters. CVE-2018-5544 Impact This vulnerability allows unauthorized disclosure of...

7.5CVSS7.4AI score0.02465EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 8:0 p.m.•29 views

K28855111: BIG-IQ HA vulnerability CVE-2020-5869

Security Advisory Description BIG-IQ high availability HA synchronization is not secure by TLS and may allow on-path attackers to read / modify confidential data in transit. CVE-2020-5869 Impact Certain BIG-IQ data may be compromised when the vulnerability is exploited on a BIG-IQ HA configuratio...

9.1CVSS8.7AI score0.00485EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 8:0 p.m.•29 views

K17114: NTP vulnerability CVE-2015-5146

Security Advisory Description ntpd in ntp before 4.2.8p3 with remote configuration enabled allows remote authenticated users with knowledge of the configuration password and access to a computer entrusted to perform remote configuration to cause a denial of service service crash via a NULL byte i...

5.3CVSS6.5AI score0.04095EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 8:0 p.m.•29 views

K03585731: F5 secure shell vulnerability CVE-2020-5873

Security Advisory Description A user associated with the Resource Administrator role who has access to the secure copy scp utility but does not have access to Advanced Shell bash can execute arbitrary commands using a maliciously crafted scp request. CVE-2020-5873 Impact An authenticated user wit...

7.2CVSS6.9AI score0.01386EPSS
Exploits0Affected Software12
F5 Networks
F5 Networks
•added 2023/02/21 7:59 p.m.•29 views

K12234501: BIG-IP virtual server vulnerability CVE-2020-5883

Security Advisory Description When a virtual server is configured with HTTP explicit proxy and has an attached HTTPPROXYREQUEST iRule, POST requests sent to the virtual server cause an xdata memory leak. CVE-2020-5883 Impact The BIG-IP system may become vulnerable to conditions that result when i...

7.5CVSS7.4AI score0.01276EPSS
Exploits0Affected Software10
F5 Networks
F5 Networks
•added 2023/02/21 7:58 p.m.•29 views

K17597093: 389-ds-base vulnerability CVE-2017-15135

Security Advisory Description It was found that 389-ds-base since 1.3.6.1 up to and including 1.4.0.3 did not always handle internal hash comparison operations correctly during the authentication process. A remote, unauthenticated attacker could potentially use this flaw to bypass the...

8.1CVSS7.9AI score0.03828EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:57 p.m.•29 views

K91610944: Intel Ethernet controller vulnerabilities CVE-2020-24492, CVE-2020-24493, CVE-2020-24494, CVE-2020-24495, CVE-2020-24496

Security Advisory Description CVE-2020-24492 Insufficient access control in the firmware for the IntelR 722 Ethernet Controllers before version 1.5 may allow a privileged user to potentially enable a denial of service via local access. CVE-2020-24493 Insufficient access control in the firmware fo...

4.4CVSS4.4AI score0.003EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 7:57 p.m.•29 views

K57492753: MySQL Optimizer vulnerability CVE-2016-0651

Security Advisory Description Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier allows local users to affect availability via vectors related to Optimizer.CVE-2016-0651 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Product...

5.5CVSS6.5AI score0.01226EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:55 p.m.•29 views

K12403422: BIG-IP ASM vulnerability CVE-2018-5541

Security Advisory Description When the BIG-IP ASM system processes HTTP requests, an unusually large number of parameters can cause excessive CPU usage in the BIG-IP ASM bd process. CVE-2018-5541 Impact BIG-IP When this vulnerability is exploited, the BIG-IP ASM system may experience a denial of...

7.8CVSS7.6AI score0.01841EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:55 p.m.•29 views

K23432927: The BIG-IP ASM system may redirect a client request to an incorrect URL

Security Advisory Description The BIG-IP ASM system may redirect a client request to an incorrect URL after the client browser passes the client-side integrity defense JavaScript challenge. This issue occurs when all of the following conditions are met: You have enabled the Client Side Integrity...

6.7AI score
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:54 p.m.•29 views

K31152411: BIG-IP Analytics vulnerability CVE-2019-6655

Security Advisory Description BIG-IP platforms provisioned with AAM, AFM, Application Visibility and Reporting AVR, APM, ASM, and/or PEM may leak sensitive data. CVE-2019-6655 Impact BIG-IP AAM, AFM, AVR, APM, ASM, PEM The vulnerability is only present on BIG-IP systems provisioned with AAM, AFM,...

5.3CVSS5.3AI score0.0106EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:54 p.m.•29 views

K02951273: NTP vulnerability CVE-2017-6463

Security Advisory Description NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows remote authenticated users to cause a denial of service daemon crash via an invalid setting in a :config directive, related to the unpeer option. CVE-2017-6463 Impact A remote, authenticated attacker may exploit this...

6.5CVSS6.9AI score0.05239EPSS
Exploits0Affected Software23
F5 Networks
F5 Networks
•added 2023/02/21 7:54 p.m.•29 views

K67825238: iControl REST vulnerability CVE-2019-6638

Security Advisory Description Malformed http requests made to an undisclosed iControl REST endpoint can lead to infinite loop of the restjavad process. CVE-2019-6638 Impact All authenticated users, regardless of role, can exploit this vulnerability, which can result in a denial-of-service DoS for...

6.5CVSS6.3AI score0.01989EPSS
Exploits0Affected Software13
F5 Networks
F5 Networks
•added 2023/02/21 7:53 p.m.•29 views

K16343: OpenLDAP vulnerabilities CVE-2015-1545 and CVE-2015-1546

Security Advisory Description CVE-2015-1545 The derefparseCtrl function in servers/slapd/overlays/deref.c in OpenLDAP 2.4.13 through 2.4.40 allows remote attackers to cause a denial of service NULL pointer dereference and crash via an empty attribute list in a deref control in a search request...

5CVSS5.3AI score0.11091EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 7:52 p.m.•29 views

K10329515: BIG-IP PEM vulnerability CVE-2018-5508

Security Advisory Description Under certain conditions, TMM may produce a core file and restart when processing compressed data though a virtual server with an associated PEM profile using the content insertion option. CVE-2018-5508 Impact The Traffic Management Microkernel TMM generates a core...

5.9CVSS5.8AI score0.00863EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 7:37 p.m.•29 views

K20031768: Intel hardware vulnerabilities CVE-2020-8737 CVE-2020-12312

Security Advisory Description CVE-2020-8737 Improper buffer restrictions in the IntelR StratixR 10 FPGA firmware provided with the IntelR QuartusR Prime Pro software before version 20.1 may allow an unauthenticated user to potentially enable escalation of privilege and/or information disclosure v...

6.8CVSS6.6AI score0.00362EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:34 p.m.•29 views

K8921: Linux kernel vulnerability CVE-2007-3740

Security Advisory Description Note : Versions that are not listed in this Solution have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the ...

4.4CVSS6.2AI score0.0038EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:33 p.m.•29 views

K15911: Linux kernel vulnerabilities CVE-2014-3182 and CVE-2014-3183

Security Advisory Description Description CVE-2014-3182 Array index error in the logidjrawevent function in drivers/hid/hid-logitech-dj.c in the Linux kernel before 3.16.2 allows physically proximate attackers to execute arbitrary code or cause a denial of service invalid kfree via a crafted devi...

6.9CVSS7.2AI score0.00499EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:33 p.m.•29 views

K92991044: lwresd and bind vulnerability CVE-2016-2775

Security Advisory Description ISC BIND 9.x before 9.9.9-P2, 9.10.x before 9.10.4-P2, and 9.11.x before 9.11.0b2, when lwresd or the named lwres option is enabled, allows remote attackers to cause a denial of service daemon crash via a long request that uses the lightweight resolver protocol...

5.9CVSS6.5AI score0.63346EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:30 p.m.•29 views

K68652018: iControl REST vulnerability CVE-2021-22974

Security Advisory Description An authenticated attacker with access to iControl REST over the control plane may be able to take advantage of a race condition to execute commands with an elevated privilege level. This vulnerability is due to an incomplete fix for CVE-2017-6167. CVE-2021-22974...

7.5CVSS6.8AI score0.00805EPSS
Exploits0Affected Software15
F5 Networks
F5 Networks
•added 2023/02/21 7:29 p.m.•29 views

K15742: Linux kernel vulnerabilities CVE-2014-6416, CVE-2014-6417, and CVE-2014-6418

Security Advisory Description CVE-2014-6416 Buffer overflow in net/ceph/authx.c in Ceph, as used in the Linux kernel before 3.16.3, allows remote attackers to cause a denial of service memory corruption and panic or possibly have unspecified other impact via a long unencrypted auth ticket...

7.8CVSS6.7AI score0.06167EPSS
Exploits3
Total number of security vulnerabilities5000