Lucene search
K

6389 matches found

F5 Networks
F5 Networks
•added 2023/02/21 6:1 p.m.•22 views

K61105950: iControl REST logs a plaintext password when the syntax of a cURL request is incorrect

Security Advisory Description The BIG-IP system logs the device password in plaintext. This issue occurs when the following condition is met: There are one or more syntax errors in the POST body of a REST token request. Impact Disclosure of the BIG-IP system's device password can lead to other...

6.7AI score
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:1 p.m.•39 views

K93445609: phpMyAdmin vulnerabilities

Security Advisory Description CVE-2016-1927 The suggestPassword function in js/functions.js in phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x before 4.5.4 relies on the Math.random JavaScript function, which makes it easier for remote attackers to guess passwords via a...

7.5CVSS6.3AI score0.02688EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:0 p.m.•43 views

K31372672: Mozilla NSS vulnerabilities CVE-2015-7181, CVE-2015-7182, and CVE-2015-7183

Security Advisory Description CVE-2015-7181 The secasn1dparseleaf function in Mozilla Network Security Services NSS before 3.19.2.1 and 3.20.x before 3.20.1, as used in Firefox before 42.0 and Firefox ESR 38.x before 38.4 and other products, improperly restricts access to an unspecified data...

9.8CVSS9AI score0.10238EPSS
Exploits0Affected Software21
F5 Networks
F5 Networks
•added 2023/02/21 6:0 p.m.•30 views

K42406850: F5 SIRT response to the Ukraine crisis

Security Advisory Description Over the past few weeks, the world has watched as tensions have risen between Russia and Ukraine, and most recently, those tensions have escalated into a military conflict. F5 is deeply concerned for the safety of those in harm's way and the impact to everyone affect...

5.7AI score
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:0 p.m.•44 views

K47145213: OpenSSL vulnerability CVE-2016-2176

Security Advisory Description The X509NAMEoneline function in crypto/x509/x509obj.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to obtain sensitive information from process stack memory or cause a denial of service buffer over-read via crafted EBCDIC ASN.1 data...

8.2CVSS8.9AI score0.22841EPSS
Exploits1Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 5:59 p.m.•29 views

K34144932: libwww-perl vulnerability CVE-2014-3230

Security Advisory Description When libwww-perl LWP uses IO::Socket::SSL and when the HTTPSCADIR or HTTPSCAFILE environment variables are set, server certificate verification is disabled. CVE-2014-3230 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory...

5.9CVSS5.6AI score0.01338EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 5:39 p.m.•35 views

K73189318: Linux kernel vulnerability CVE-2015-7509

Security Advisory Description fs/ext4/namei.c in the Linux kernel before 3.7 allows physically proximate attackers to cause a denial of service system crash via a crafted no-journal filesystem, a related issue to CVE-2013-2015. CVE-2015-7509 Impact The attacker may be able to cause a...

4.9CVSS5.7AI score0.00405EPSS
Exploits0Affected Software21
F5 Networks
F5 Networks
•added 2023/02/21 5:39 p.m.•48 views

K72225092: Linux kernel vulnerability CVE-2015-8746

Security Advisory Description fs/nfs/nfs4proc.c in the NFS client in the Linux kernel before 4.2.2 does not properly initialize memory for migration recovery operations, which allows remote NFS servers to cause a denial of service NULL pointer dereference and panic via crafted network traffic...

7.5CVSS7.2AI score0.03103EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 5:39 p.m.•30 views

K35424631: OpenSSH vulnerability CVE-2016-1907

Security Advisory Description The sshpacketreadpoll2 function in packet.c in OpenSSH before 7.1p2 allows remote attackers to cause a denial of service out-of-bounds read and application crash via crafted network traffic. CVE-2016-1907 Impact Remote attackers may be able to cause a denial-of-servi...

5.3CVSS7AI score0.14341EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 5:39 p.m.•24 views

K34146339: OpenSSL vulnerability CVE-2000-1254

Security Advisory Description crypto/rsa/rsagen.c in OpenSSL before 0.9.6 mishandles C bitwise-shift operations that exceed the size of an expression, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging improper RSA key generation on 64-bit HP-UX...

7.5CVSS7.5AI score0.03137EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 5:39 p.m.•42 views

K13511366: PCRE vulnerability CVE-2014-9769

Security Advisory Description pcrejitcompile.c in PCRE 8.35 does not properly use table jumps to optimize nested alternatives, which allows remote attackers to cause a denial of service stack memory corruption or possibly have unspecified other impact via a crafted string, as demonstrated by...

7.5CVSS8.7AI score0.02351EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 5:39 p.m.•26 views

K49580002: BIG-IP file validation vulnerability CVE-2015-8021

Security Advisory Description The BIG-IP Configuration utility may not properly validate file type or contents where uploaded files are allowed in the Access Policy Manager configuration section uploadImage.php. CVE-2015-8021 Impact An authenticated attacker could upload files to the BIG-IP syste...

4.3CVSS4.8AI score0.01352EPSS
Exploits0Affected Software13
F5 Networks
F5 Networks
•added 2023/02/21 5:39 p.m.•58 views

K98102572: Linux kernel vulnerability CVE-2015-7990

Security Advisory Description Race condition in the rdssendmsg function in net/rds/sendmsg.c in the Linux kernel before 4.3.3 allows local users to cause a denial of service NULL pointer dereference and system crash or possibly have unspecified other impact by using a socket that was not properly...

5.9CVSS6.8AI score0.00348EPSS
Exploits0Affected Software22
F5 Networks
F5 Networks
•added 2023/02/21 5:39 p.m.•77 views

K20911042: OpenSSH vulnerability CVE-2015-8325

Security Advisory Description The dosetupenv function in session.c in sshd in OpenSSH through 7.2p2, when the UseLogin feature is enabled and PAM is configured to read .pamenvironment files in user home directories, allows local users to gain privileges by triggering a crafted environment for the...

7.8CVSS7.3AI score0.00627EPSS
Exploits0Affected Software21
F5 Networks
F5 Networks
•added 2023/02/21 5:39 p.m.•23 views

K30341203: BIG-IP LTM and NGINX are not exposed to certain desync attacks

Security Advisory Description Multiple desync attacks have been discovered. For more information refer to the following related articles: K27144609: Overview of HTTP/2 desync attacks K63312282: BIG-IP LTM HTTP/2 desync attacks: request line injection K97045220: BIG-IP LTM HTTP/2 desync attacks:...

7.1AI score
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 5:38 p.m.•44 views

K37510383: Linux kernel SCTP vulnerability CVE-2015-5283

Security Advisory Description The sctpinit function in net/sctp/protocol.c in the Linux kernel before 4.2.3 has an incorrect sequence of protocol-initialization steps, which allows local users to cause a denial of service panic or memory corruption by creating SCTP sockets before all of the steps...

4.7CVSS6.2AI score0.00549EPSS
Exploits1Affected Software22
F5 Networks
F5 Networks
•added 2023/02/21 5:38 p.m.•56 views

K60742457: Linux kernel vulnerability CVE-2015-8374

Security Advisory Description fs/btrfs/inode.c in the Linux kernel before 4.3.3 mishandles compressed inline extents, which allows local users to obtain sensitive pre-truncation information from a file via a clone action. CVE-2015-8374 Impact A local user may be able to obtain sensitive informati...

4CVSS5.8AI score0.00501EPSS
Exploits0Affected Software21
F5 Networks
F5 Networks
•added 2023/02/21 5:38 p.m.•30 views

K71059632: PHP vulnerability CVE-2015-8616

Security Advisory Description Use-after-free vulnerability in the Collator::sortWithSortKeys function in ext/intl/collator/collatorsort.c in PHP 7.x before 7.0.1 allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact by leveraging the...

8.6CVSS9.2AI score0.02173EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 5:38 p.m.•53 views

K20022580: Linux kernel vulnerability CVE-2013-7446

Security Advisory Description Use-after-free vulnerability in net/unix/afunix.c in the Linux kernel before 4.3.3 allows local users to bypass intended AFUNIX socket permissions or cause a denial of service panic via crafted epollctl calls. CVE-2013-7446 Impact The local user may be able to bypass...

5.4CVSS6.3AI score0.00625EPSS
Exploits1Affected Software22
F5 Networks
F5 Networks
•added 2023/02/21 5:38 p.m.•47 views

K12903841: Linux kernel vulnerabilities CVE-2015-4170, CVE-2015-6526, and CVE-2015-7837

Security Advisory Description CVE-2015-4170 Race condition in the ldsemcmpxchg function in drivers/tty/ttyldsem.c in the Linux kernel before 3.13-rc4-next-20131218 allows local users to cause a denial of service ldsemdownread and ldsemdownwrite deadlock by establishing a new tty thread during...

5.5CVSS5.1AI score0.00405EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 5:38 p.m.•42 views

K14340611: Java vulnerability CVE-2013-5782

Security Advisory Description Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality,...

10CVSS7.3AI score0.06295EPSS
Exploits0Affected Software5
F5 Networks
F5 Networks
•added 2023/02/21 5:38 p.m.•64 views

K15364328: Apache vulnerabilities CVE-2012-5783 and CVE-2012-6153

Security Advisory Description CVE-2012-5783 Apache Commons HttpClient 3.x, as used in Amazon Flexible Payments Service FPS merchant Java SDK and other products, does not verify that the server hostname matches a domain name in the subject's Common Name CN or subjectAltName field of the X.509...

5.8CVSS6AI score0.09254EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 5:38 p.m.•33 views

K46264120: BIND vulnerability CVE-2016-1285

Security Advisory Description named in ISC BIND 9.x before 9.9.8-P4 and 9.10.x before 9.10.3-P4 allows remote attackers to cause a denial of service assertion failure and daemon exit via a malformed packet to the rndc aka control channel interface, related to alist.c and sexpr.c. CVE-2016-1285...

6.8CVSS7AI score0.59143EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 5:37 p.m.•66 views

K02201365: SLOTH: TLS 1.2 handshake vulnerability CVE-2015-7575

Security Advisory Description A flaw was found in the way TLS 1.2 uses RSA+MD5 signatures with Client Authentication and ServerKeyExchange messages during a TLS 1.2 handshakes. An attacker with a Man-in-the-Middle network position and the ability to force / observe the use of RSA+MD5 during a TLS...

5.9CVSS7.8AI score0.0288EPSS
Exploits0Affected Software17
F5 Networks
F5 Networks
•added 2023/02/21 5:37 p.m.•61 views

K01948202: Linux kernel vulnerability CVE-2016-0728

Security Advisory Description The joinsessionkeyring function in security/keys/processkeys.c in the Linux kernel before 4.4.1 mishandles object references in a certain error case, which allows local users to gain privileges or cause a denial of service integer overflow and use-after-free via...

7.8CVSS6.7AI score0.03646EPSS
Exploits14
F5 Networks
F5 Networks
•added 2023/02/21 5:37 p.m.•58 views

K79401162: Samba vulnerabilities CVE-2016-2111, CVE-2016-2113, and CVE-2016-2114

Security Advisory Description CVE-2016-2111 The NETLOGON service in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2, when a domain controller is configured, allows remote attackers to spoof the computer name of a secure channel's endpoint, and obtain sensitive session...

7.4CVSS6.6AI score0.02902EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 5:37 p.m.•53 views

K64009378: OpenSSL vulnerability CVE-2016-0701

Security Advisory Description The DHcheckpubkey function in crypto/dh/dhcheck.c in OpenSSL 1.0.2 before 1.0.2f does not ensure that prime numbers are appropriate for Diffie-Hellman DH key exchange, which makes it easier for remote attackers to discover a private DH exponent by making multiple...

3.7CVSS6AI score0.83645EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 5:37 p.m.•67 views

K47133310: Samba vulnerability CVE-2016-2112

Security Advisory Description The bundled LDAP client library in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not recognize the "client ldap sasl wrapping" setting, which allows man-in-the-middle attackers to perform LDAP protocol-downgrade attacks by modifying...

5.9CVSS6.8AI score0.09345EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 5:35 p.m.•59 views

K75152412: OpenSSL vulnerability CVE-2016-2108

Security Advisory Description The ASN.1 implementation in OpenSSL before 1.0.1o and 1.0.2 before 1.0.2c allows remote attackers to execute arbitrary code or cause a denial of service buffer underflow and memory corruption via an ANY field in crafted serialized data, aka the "negative zero" issue...

10CVSS8.5AI score0.77906EPSS
Exploits1Affected Software24
F5 Networks
F5 Networks
•added 2023/02/21 5:35 p.m.•38 views

K66504414: Foomatic vulnerability CVE-2010-5325

Security Advisory Description Heap-based buffer overflow in the unhtmlify function in foomatic-rip in foomatic-filters before 4.0.6 allows remote attackers to cause a denial of service memory corruption and crash or possibly execute arbitrary code via a long job title. CVE-2010-5325 Impact There ...

9.8CVSS9.9AI score0.05483EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 5:34 p.m.•33 views

K82679059: BIG-IP APM SSO vulnerability CVE-2016-3686

Security Advisory Description Cleartext SessionID is visible in URL query parameters under some conditions. CVE-2016-3686 Impact There is a theoretical risk that a user could obtain unauthorized access to the system, causing a security breach. Security Advisory Status F5 Product Development has...

5.9CVSS5.7AI score0.01526EPSS
Exploits0Affected Software2
F5 Networks
F5 Networks
•added 2023/02/21 5:34 p.m.•48 views

K65342329: Java vulnerabilities CVE-2016-0494, CVE-2016-0448, and CVE-2016-0402

Security Advisory Description CVE-2016-0494 Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66 and Java SE Embedded 8u65 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D...

10CVSS6.5AI score0.07211EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 5:34 p.m.•101 views

K74954302: PHP vulnerability CVE-2016-2554

Security Advisory Description Stack-based buffer overflow in ext/phar/tar.c in PHP before 5.5.32, 5.6.x before 5.6.18, and 7.x before 7.0.3 allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted TAR archive. CVE-2016-2554...

10CVSS9.3AI score0.10997EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 5:34 p.m.•69 views

K23196136: OpenSSL vulnerability CVE-2016-0800

Security Advisory Description The SSLv2 protocol, as used in OpenSSL before 1.0.1s and 1.0.2 before 1.0.2g and other products, requires a server to send a ServerVerify message before establishing that a client possesses certain plaintext RSA data, which makes it easier for remote attackers to...

5.9CVSS7.9AI score0.82112EPSS
Exploits2
F5 Networks
F5 Networks
•added 2023/02/21 5:34 p.m.•37 views

K15095307: BDF parsing vulnerability CVE-2012-5669

Security Advisory Description The bdfparseglyphs function in FreeType before 2.4.11 allows context-dependent attackers to cause a denial of service crash and possibly execute arbitrary code via vectors related to BDF fonts and an incorrect calculation that triggers an out-of-bounds read...

4.3CVSS7.3AI score0.03857EPSS
Exploits0Affected Software16
F5 Networks
F5 Networks
•added 2023/02/21 5:33 p.m.•38 views

K02360853: NTP vulnerabilities CVE-2015-5194 and CVE-2015-5195

Security Advisory Description CVE-2015-5194 The logconfigcommand function in ntpparser.y in ntpd in NTP before 4.2.7p42 allows remote attackers to cause a denial of service ntpd crash via crafted logconfig commands. CVE-2015-5195 ntpopenssl.m4 in ntpd in NTP before 4.2.7p112 allows remote attacke...

7.5CVSS7.6AI score0.07483EPSS
Exploits0Affected Software22
F5 Networks
F5 Networks
•added 2023/02/21 5:33 p.m.•34 views

K86533083: BIND vulnerability CVE-2015-8705

Security Advisory Description buffer.c in named in ISC BIND 9.10.x before 9.10.3-P3, when debug logging is enabled, allows remote attackers to cause a denial of service REQUIRE assertion failure and daemon exit, or daemon crash or possibly have unspecified other impact via 1 OPT data or 2 an ECS...

7CVSS7.3AI score0.07654EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 5:33 p.m.•93 views

K63443590: Apache Commons FileUpload vulnerability CVE-2013-2186

Security Advisory Description The DiskFileItem class in Apache Commons FileUpload, as used in Red Hat JBoss BRMS 5.3.1; JBoss Portal 4.3 CP07, 5.2.2, and 6.0.0; and Red Hat JBoss Web Server 1.0.2 allows remote attackers to write to arbitrary files via a NULL byte in a file name in a serialized...

7.5CVSS7.5AI score0.12768EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 5:33 p.m.•52 views

K51518670: Linux kernel vulnerability CVE-2015-2922

Security Advisory Description The ndiscrouterdiscovery function in net/ipv6/ndisc.c in the Neighbor Discovery ND protocol implementation in the IPv6 stack in the Linux kernel before 3.19.6 allows remote attackers to reconfigure a hop-limit setting via a small hoplimit value in a Router...

3.3CVSS6AI score0.03052EPSS
Exploits1Affected Software22
F5 Networks
F5 Networks
•added 2023/02/21 5:33 p.m.•89 views

K51025324: Apache Tomcat 7.x vulnerabilities CVE-2015-5346, CVE-2015-5351, and CVE-2016-0763

Security Advisory Description CVE-2015-5346 Session fixation vulnerability in Apache Tomcat 7.x before 7.0.66, 8.x before 8.0.30, and 9.x before 9.0.0.M2, when different session settings are used for deployments of multiple versions of the same web application, might allow remote attackers to...

8.8CVSS7.6AI score0.11297EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 5:33 p.m.•62 views

K52470083: Apache vulnerability CVE-2010-0408

Security Advisory Description The approxyajprequest function in modproxyajp.c in modproxyajp in the Apache HTTP Server 2.2.x before 2.2.15 does not properly handle certain situations in which a client sends no request body, which allows remote attackers to cause a denial of service backend server...

5CVSS8.1AI score0.20787EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 5:33 p.m.•33 views

K06288381: NTP vulnerabilities CVE-2015-7977 and CVE-2015-7978

Security Advisory Description CVE-2015-7977 ntpd in NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service NULL pointer dereference via a ntpdc reslist command. CVE-2015-7978 NTP before 4.2.8p6 and 4.3.0 before 4.3.90 allows a remote attackers to cause a...

7.5CVSS6.8AI score0.09985EPSS
Exploits0Affected Software22
F5 Networks
F5 Networks
•added 2023/02/21 5:33 p.m.•49 views

K18174924: Apache Tomcat 6.x vulnerability CVE-2016-0706

Security Advisory Description Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M2 does not place org.apache.catalina.manager.StatusManagerServlet on the org/apache/catalina/core/RestrictedServlets.properties list, which allows remote authenticated users ...

4.3CVSS6.5AI score0.06232EPSS
Exploits0Affected Software17
F5 Networks
F5 Networks
•added 2023/02/21 5:33 p.m.•57 views

K34250741: BIND vulnerability CVE-2015-8000

Security Advisory Description db.c in named in ISC BIND 9.x before 9.9.8-P2 and 9.10.x before 9.10.3-P2 allows remote attackers to cause a denial of service REQUIRE assertion failure and daemon exit via a malformed class attribute. CVE-2015-8000 Impact An attack may cause a denial-of-service DoS ...

5CVSS7.1AI score0.5469EPSS
Exploits0Affected Software21
F5 Networks
F5 Networks
•added 2023/02/21 5:33 p.m.•139 views

K17588029: Apache Struts vulnerabilities CVE-2016-0785, CVE-2016-2162, CVE-2016-3081, CVE-2016-3082, and CVE-2016-4003

Security Advisory Description CVE-2016-0785 Apache Struts 2.x before 2.3.28 allows remote attackers to execute arbitrary code via a "%" sequence in a tag attribute, aka forced double OGNL evaluation. CVE-2016-2162 Apache Struts 2.x before 2.3.25 does not sanitize text in the Locale object...

10CVSS7.2AI score0.9373EPSS
Exploits12
F5 Networks
F5 Networks
•added 2023/02/21 5:32 p.m.•48 views

K30971148: Apache Tomcat 6.x vulnerability CVE-2015-5174

Security Advisory Description Directory traversal vulnerability in RequestUtil.java in Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.65, and 8.x before 8.0.27 allows remote authenticated users to bypass intended SecurityManager restrictions and list a parent directory via a /.. slash dot dot in...

4.3CVSS6.5AI score0.12555EPSS
Exploits0Affected Software17
F5 Networks
F5 Networks
•added 2023/02/21 5:32 p.m.•55 views

K59722044: PHP vulnerabilities CVE-2016-1903 and CVE-2016-1904

Security Advisory Description CVE-2016-1903 The gdImageRotateInterpolated function in ext/gd/libgd/gdinterpolation.c in PHP before 5.5.31, 5.6.x before 5.6.17, and 7.x before 7.0.2 allows remote attackers to obtain sensitive information or cause a denial of service out-of-bounds read and...

9.1CVSS9.3AI score0.07806EPSS
Exploits2
F5 Networks
F5 Networks
•added 2023/02/21 5:32 p.m.•44 views

K22234807: Apache vulnerability CVE-2009-3094

Security Advisory Description The approxyftphandler function in modules/proxy/proxyftp.c in the modproxyftp module in the Apache HTTP Server 2.0.63 and 2.2.13 allows remote FTP servers to cause a denial of service NULL pointer dereference and child process crash via a malformed reply to an EPSV...

2.6CVSS8AI score0.08566EPSS
Exploits2
F5 Networks
F5 Networks
•added 2023/02/21 5:32 p.m.•34 views

K48042976: BIG-IP SSL vulnerability CVE-2016-4545

Security Advisory Description On virtual servers with Secure Sockets Layer SSL profiles enabled, an SSL alert sent during the handshake may produce unnecessary logging and resource consumption on a BIG-IP system that is running 11.5.4 FINAL, possibly causing the Traffic Management Microkernel TMM...

7.5CVSS7.6AI score0.01765EPSS
Exploits0Affected Software9
F5 Networks
F5 Networks
•added 2023/02/21 5:30 p.m.•94 views

K33209124: OpenSSL vulnerability CVE-2015-3197

Security Advisory Description ssl/s2srvr.c in OpenSSL 1.0.1 before 1.0.1r and 1.0.2 before 1.0.2f does not prevent use of disabled ciphers, which makes it easier for man-in-the-middle attackers to defeat cryptographic protection mechanisms by performing computations on SSLv2 traffic, related to t...

5.9CVSS8AI score0.10731EPSS
Exploits2
Total number of security vulnerabilities6389