Lucene search
K

6392 matches found

F5 Networks
F5 Networks
•added 2025/05/14 4:23 p.m.•11 views

K000151330: Oath Toolkit vulnerability CVE-2024-47191

Security Advisory Description pamoath.so in oath-toolkit 2.6.7 through 2.6.11 before 2.6.12 allows root privilege escalation because, in the context of PAM code running as root, it mishandles usersfile access, such as by calling fchown in the presence of a symlink. CVE-2024-47191 Impact There is ...

7.1CVSS7AI score0.00341EPSS
Exploits0
F5 Networks
F5 Networks
•added 2025/05/14 4:19 p.m.•27 views

K000151329: MySQL vulnerabilities CVE-2025-30704, CVE-2025-30705, and CVE-2025-30706

Security Advisory Description CVE-2025-30704 Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Components Services. Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Difficult to exploit vulnerability allows high privileged attacker wit...

7.5CVSS5.5AI score0.00821EPSS
Exploits0
F5 Networks
F5 Networks
•added 2025/05/14 6:19 a.m.•15 views

K000151312: cURL vulnerability CVE-2025-0725

Security Advisory Description When libcurl is asked to perform automatic gzip decompression of content-encoded HTTP responses with the CURLOPTACCEPTENCODING option, using zlib 1.2.0.3 or older, an attacker-controlled integer overflow would make libcurl perform a buffer overflow. CVE-2025-0725...

7.3CVSS6.7AI score0.01218EPSS
Exploits1
F5 Networks
F5 Networks
•added 2025/05/12 5:44 p.m.•11 views

K000151278: MySQL vulnerability CVE-2025-21579

Security Advisory Description Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Options. Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple...

4.9CVSS4.8AI score0.00642EPSS
Exploits0
F5 Networks
F5 Networks
•added 2025/05/12 5:6 p.m.•10 views

K000151277: MySQL vulnerabilities CVE-2025-21580 and CVE-2025-21588

Security Advisory Description CVE-2025-21580 Vulnerability in the MySQL Server product of Oracle MySQL component: Server: DML. Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access v...

4.9CVSS4.3AI score0.0076EPSS
Exploits0
F5 Networks
F5 Networks
•added 2025/05/12 4:13 p.m.•15 views

K000151275: MySQL vulnerabilities CVE-2025-21577 and CVE-2025-30681

Security Advisory Description CVE-2025-21577 Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows low privileged attacker with network access via...

6.5CVSS4.8AI score0.00667EPSS
Exploits0
F5 Networks
F5 Networks
•added 2025/05/12 3:52 p.m.•11 views

K000151274: MySQL vulnerabilities CVE-2025-21583 and CVE-2025-21584

Security Advisory Description CVE-2025-21583 Vulnerability in the MySQL Server product of Oracle MySQL component: Server: DDL. Supported versions that are affected are 8.4.0 and 9.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to...

4.9CVSS4.3AI score0.0076EPSS
Exploits0
F5 Networks
F5 Networks
•added 2025/05/12 3:44 p.m.•16 views

K000151273: MySQL vulnerability CVE-2025-30682

Security Advisory Description Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows low privileged attacker with network access via multipl...

6.5CVSS6AI score0.00691EPSS
Exploits0
F5 Networks
F5 Networks
•added 2025/05/09 5:52 p.m.•11 views

K000151257: Java vulnerability CVE-2025-30698

Security Advisory Description Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: 2D. Supported versions that are affected are Oracle Java SE: 8u441, 8u441-perf, 11.0.26, 17.0.14, 21.0.6, 24; Oracle GraalVM for JDK:...

5.6CVSS5.5AI score0.00549EPSS
Exploits0
F5 Networks
F5 Networks
•added 2025/05/09 4:44 p.m.•10 views

K000151258: MySQL vulnerability CVE-2025-21585

Security Advisory Description Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multip...

4.9CVSS4.8AI score0.0076EPSS
Exploits0
F5 Networks
F5 Networks
•added 2025/05/09 4:16 p.m.•12 views

K000151256: MySQL vulnerability CVE-2025-30687

Security Advisory Description Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows low privileged attacker with network access via multipl...

6.5CVSS6AI score0.00691EPSS
Exploits0
F5 Networks
F5 Networks
•added 2025/05/09 4:4 p.m.•15 views

K000151255: GStreamer vulnerability CVE-2024-47606

Security Advisory Description GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in the function qtdemuxparsetheoraextension within qtdemux.c. The vulnerability occurs due to an underflow of the gint size variable, which causes size...

9.8CVSS8.3AI score0.01344EPSS
Exploits0
F5 Networks
F5 Networks
•added 2025/05/09 4:1 p.m.•20 views

K000151254: libxml2 vulnerability CVE-2024-40896

Security Advisory Description In libxml2 2.11 before 2.11.9, 2.12 before 2.12.9, and 2.13 before 2.13.3, the SAX parser can produce events for external entities even if custom SAX handlers try to override entity content by setting "checked". This makes classic XXE attacks possible. CVE-2024-40896...

9.1CVSS7AI score0.01192EPSS
Exploits0
F5 Networks
F5 Networks
•added 2025/05/08 2:17 a.m.•17 views

K000151220: Multiple Wireshark/tshark vulnerabilities

Security Advisory Description CVE-2020-26575 In Wireshark through 3.2.7, the Facebook Zero Protocol aka FBZERO dissector could enter an infinite loop. This was addressed in epan/dissectors/packet-fbzero.c by correcting the implementation of offset advancement. CVE-2018-14339 In Wireshark 2.6.0 to...

7.8CVSS6.3AI score0.03773EPSS
Exploits2
F5 Networks
F5 Networks
•added 2025/05/07 1:44 p.m.•47 views

K000151008: Quarterly Security Notification (May 2025)

Security Advisory Description On May 7, 2025, F5 announced the following security issues. This document is intended to serve as an overview of these vulnerabilities to help determine the impact to your F5 devices. You can find the details of each issue in the associated articles. You can watch th...

9.2CVSS9.6AI score0.27985EPSS
Exploits1
F5 Networks
F5 Networks
•added 2025/05/07 1:19 p.m.•16 views

K000150598: BIG-IP APM PingAccess vulnerability CVE-2025-36525

Security Advisory Description When a BIG-IP APM PingAccess profile is configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel TMM to terminate. CVE-2025-36525 Impact Traffic is disrupted while the TMM process restarts. This vulnerability allows a remote...

8.7CVSS7.2AI score0.00357EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2025/05/07 1:12 p.m.•11 views

K000140574: F5OS Appliance Mode vulnerability CVE-2025-36546

Security Advisory Description On an F5OS system, if the root user configures the system to allow login using SSH key-based authentication and later enables appliance mode, the system still allows access using SSH key-based authentication. For an attacker to exploit this vulnerability they must...

9.2CVSS7.1AI score0.00372EPSS
Exploits0Affected Software2
F5 Networks
F5 Networks
•added 2025/05/07 1:1 p.m.•13 views

K000140919: BIG-IP HTTP/2 vulnerability CVE-2025-36504

Security Advisory Description When a BIG-IP HTTP/2 httprouter profile is configured on a virtual server, undisclosed responses can cause an increase in memory resource utilization. CVE-2025-36504 Impact System performance can degrade until the Traffic Management Microkernel TMM process is either...

8.7CVSS6.8AI score0.00357EPSS
Exploits0Affected Software21
F5 Networks
F5 Networks
•added 2025/05/07 12:59 p.m.•16 views

K000140937: BIG-IP SIP ALG profile vulnerability CVE-2025-41433

Security Advisory Description When a Session Initiation Protocol SIP message routing framework MRF application layer gateway ALG profile is configured on a Message Routing virtual server, undisclosed requests can cause the Traffic Management Microkernel TMM to terminate. CVE-2025-41433 Impact...

8.7CVSS7.2AI score0.00357EPSS
Exploits0Affected Software12
F5 Networks
F5 Networks
•added 2025/05/07 12:55 p.m.•20 views

K000149952: BIG-IP PEM vulnerability CVE-2025-35995

Security Advisory Description When a BIG-IP PEM system is licensed with URL categorization, and the URL categorization policy or an iRule with the urlcat command is enabled on a virtual server, undisclosed requests can cause the Traffic Management Microkernel TMM to terminate. CVE-2025-35995 Impa...

8.7CVSS7.3AI score0.00357EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2025/05/07 12:52 p.m.•17 views

K000150668: TMM vulnerability CVE-2025-41431

Security Advisory Description When connection mirroring is configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel TMM to terminate in the standby BIG-IP systems in a traffic group. CVE-2025-41431 Impact Traffic in other traffic groups may be disrupted...

8.7CVSS6.9AI score0.00357EPSS
Exploits0Affected Software12
F5 Networks
F5 Networks
•added 2025/05/07 12:49 p.m.•17 views

K000139571: BIG-IP HTTP vulnerability CVE-2025-36557

Security Advisory Description When an HTTP profile with the Enforce RFC Compliance option is configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel TMM to terminate. CVE-2025-36557 Impact Traffic is disrupted while the TMM process restarts. This...

8.7CVSS6.8AI score0.00352EPSS
Exploits0Affected Software14
F5 Networks
F5 Networks
•added 2025/05/07 12:48 p.m.•13 views

K000139503: F5OS vulnerability CVE-2025-46265

Security Advisory Description On F5OS, an improper authorization vulnerability exists where remotely authenticated users LDAP, RADIUS, TACACS+ may be authorized with higher privilege F5OS roles. CVE-2025-46265 Impact This vulnerability may allow a remote, authenticated attacker to be unexpectedly...

8.8CVSS7.3AI score0.00318EPSS
Exploits0Affected Software2
F5 Networks
F5 Networks
•added 2025/05/07 12:44 p.m.•16 views

K000140968: BIG-IP HTTP/2 vulnerability CVE-2025-41414

Security Advisory Description When HTTP/2 client and server profiles are simultaneously configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel TMM to terminate. CVE-2025-41414 Impact Traffic is disrupted while the TMM process restarts. This vulnerability...

8.7CVSS7.1AI score0.00352EPSS
Exploits0Affected Software14
F5 Networks
F5 Networks
•added 2025/05/07 12:39 p.m.•12 views

K000137709: SCTP vulnerability CVE-2025-41399

Security Advisory Description When a Stream Control Transmission Protocol SCTP profile is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization. CVE-2025-41399 Impact System performance can degrade until the Traffic Management Microkernel TMM...

8.7CVSS6.8AI score0.00352EPSS
Exploits0Affected Software21
F5 Networks
F5 Networks
•added 2025/05/07 12:33 p.m.•12 views

K000139502: F5OS vulnerability CVE-2025-43878

Security Advisory Description When running in appliance mode, an authenticated attacker assigned the Administrator or Resource Administrator role may be able to bypass Appliance mode restrictions utilizing system diagnostics tcpdump command utility on a F5OS-A/C system. CVE-2025-43878 Impact In...

8.3CVSS7AI score0.00145EPSS
Exploits0Affected Software2
F5 Networks
F5 Networks
•added 2025/05/07 12:28 p.m.•16 views

K000148591: Appliance mode BIG-IP iControl REST and tmsh vulnerability CVE-2025-31644

Security Advisory Description When running in Appliance mode, a command injection vulnerability exists in an undisclosed iControl REST and BIG-IP TMOS Shell tmsh command that may allow an authenticated attacker with administrator role privileges to execute arbitrary system commands. A successful...

8.7CVSS9.7AI score0.27985EPSS
Exploits1Affected Software12
F5 Networks
F5 Networks
•added 2025/05/07 7:19 a.m.•12 views

K000151206: Oracle Java SE vulnerability CVE-2025-21587

Security Advisory Description Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java SE:8u441, 8u441-perf, 11.0.26, 17.0.14, 21.0.6, 24; Oracle GraalVM for...

7.4CVSS6.2AI score0.0073EPSS
Exploits0
F5 Networks
F5 Networks
•added 2025/05/06 4:1 p.m.•10 views

K000151202: Java vulnerability CVE-2025-30691

Security Advisory Description Vulnerability in Oracle Java SE component: Compiler. Supported versions that are affected are Oracle Java SE: 21.0.6, 24; Oracle GraalVM for JDK: 21.0.6 and 24. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...

4.8CVSS5AI score0.00522EPSS
Exploits0
F5 Networks
F5 Networks
•added 2025/05/06 3:46 p.m.•12 views

K000151201: OpenSSL vulnerability CVE-2024-12797

Security Advisory Description Issue summary: Clients using RFC7250 Raw Public Keys RPKs to authenticate a server may fail to notice that the server was not authenticated, because handshakes don't abort as expected when the SSLVERIFYPEER verification mode is set. Impact summary: TLS and DTLS...

6.3CVSS6.7AI score0.02439EPSS
Exploits0
F5 Networks
F5 Networks
•added 2025/05/05 10:7 p.m.•25 views

K000151184: Intel Ethernet Controller and Adapter vulnerability CVE-2024-36274

Security Advisory Description Out-of-bounds write in the IntelR 800 Series Ethernet Driver for IntelR Ethernet Adapter Complete Driver Pack before versions 29.1 may allow an unauthenticated user to potentially enable denial of service via adjacent access. CVE-2024-36274 Impact This vulnerability...

7.1CVSS6.7AI score0.00364EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2025/05/04 5:56 p.m.•9 views

K000151159: MySQL vulnerability CVE-2025-21581

Security Advisory Description Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multip...

4.9CVSS4.8AI score0.0076EPSS
Exploits0
F5 Networks
F5 Networks
•added 2025/05/04 5:52 p.m.•13 views

K000151158: MySQL vulnerability CVE-2025-21575

Security Advisory Description Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Parser. Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple...

6.5CVSS6AI score0.00789EPSS
Exploits0
F5 Networks
F5 Networks
•added 2025/05/01 11:27 p.m.•13 views

K000151130: GnuTLS vulnerability CVE-2024-12243

Security Advisory Description A flaw was found in GnuTLS, which relies on libtasn1 for ASN.1 data processing. Due to an inefficient algorithm in libtasn1, decoding certain DER-encoded certificate data can take excessive time, leading to increased resource consumption. This flaw allows a remote...

5.3CVSS6.9AI score0.01245EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2025/04/29 7:1 p.m.•14 views

K000151082: PostgreSQL vulnerability CVE-2021-32027

Security Advisory Description A flaw was found in postgresql in versions before 13.3, before 12.7, before 11.12, before 10.17 and before 9.6.22. While modifying certain SQL array values, missing bounds checks let authenticated database users write arbitrary bytes to a wide area of server memory...

8.8CVSS8.2AI score0.0199EPSS
Exploits0Affected Software12
F5 Networks
F5 Networks
•added 2025/04/28 5:49 p.m.•19 views

K000151066: OpenSAML vulnerability CVE-2025-31335

Security Advisory Description The OpenSAML C++ library before 3.3.1 allows forging of signed SAML messages via parameter manipulation when using SAML bindings that rely on non-XML signatures. CVE-2025-31335 Impact There is no impact; F5 products are not affected by this vulnerability. Security...

4CVSS4.7AI score0.00228EPSS
Exploits0
F5 Networks
F5 Networks
•added 2025/04/28 3:55 p.m.•16 views

K000151063: MySQL vulnerability CVE-2025-30696

Security Advisory Description Vulnerability in the MySQL Server product of Oracle MySQL component: Server: PS. Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple...

4.9CVSS4.8AI score0.0076EPSS
Exploits0
F5 Networks
F5 Networks
•added 2025/04/28 4:15 a.m.•13 views

K000151057: Oracle MySQL vulnerability CVE-2025-30721

Security Advisory Description Vulnerability in the MySQL Server product of Oracle MySQL component: Server: UDF. Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure...

4CVSS3.7AI score0.00198EPSS
Exploits0
F5 Networks
F5 Networks
•added 2025/04/24 4:8 p.m.•22 views

K000151007: Multiple Python vulnerabilities

Security Advisory Description CVE-2019-13404 The MSI installer for Python through 2.7.16 on Windows defaults to the C:\Python27 directory, which makes it easier for local users to deploy Trojan horse code. This also affects old 3.x releases before 3.5. NOTE: the vendor's position is that it is th...

9.3CVSS6.5AI score0.11296EPSS
Exploits1
F5 Networks
F5 Networks
•added 2025/04/24 7:15 a.m.•24 views

K000150999: Oracle MySQL vulnerabilities CVE-2025-30695 and CVE-2025-30699

Security Advisory Description CVE-2025-30695 Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via...

5.5CVSS4.6AI score0.0076EPSS
Exploits0
F5 Networks
F5 Networks
•added 2025/04/23 7:21 a.m.•34 views

K000150987: PostgreSQL pgAdmin vulnerabilities CVE-2025-2945 and CVE-2025-2946

Security Advisory Description CVE-2025-2945 Remote Code Execution security vulnerability in pgAdmin 4 Query Tool and Cloud Deployment modules. The vulnerability is associated with the 2 POST endpoints; /sqleditor/querytool/download, where the querycommited parameter and /cloud/deploy endpoint,...

9.9CVSS9.3AI score0.46222EPSS
Exploits8
F5 Networks
F5 Networks
•added 2025/04/22 11:23 a.m.•11 views

K000150967: Angular JS vulnerabilities CVE-2023-26117 and CVE-2023-26118

Security Advisory Description CVE-2023-26117 Versions of the package angular from 1.0.0 are vulnerable to Regular Expression Denial of Service ReDoS via the $resource service due to the usage of an insecure regular expression. Exploiting this vulnerability is possible by a large carefully-crafted...

5.3CVSS5.8AI score0.01695EPSS
Exploits2
F5 Networks
F5 Networks
•added 2025/04/22 7:35 a.m.•11 views

K000150957: WebKitGTK vulnerability CVE-2024-54534

Security Advisory Description The issue was addressed with improved memory handling. This issue is fixed in watchOS 11.2, visionOS 2.2, tvOS 18.2, macOS Sequoia 15.2, Safari 18.2, iOS 18.2 and iPadOS 18.2. Processing maliciously crafted web content may lead to memory corruption. CVE-2024-54534...

9.8CVSS7.6AI score0.01061EPSS
Exploits0
F5 Networks
F5 Networks
•added 2025/04/22 4:51 a.m.•16 views

K000150951: Multiple Oracle MySQL vulnerabilities

Security Advisory Description CVE-2025-30689 Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network...

6.8CVSS5.6AI score0.00821EPSS
Exploits0
F5 Networks
F5 Networks
•added 2025/04/21 3:51 p.m.•109 views

K000150943: PostgreSQL vulnerabilities CVE-2019-10164, CVE-2020-14349, and CVE-2020-14350

Security Advisory Description CVE-2019-10164 PostgreSQL versions 10.x before 10.9 and versions 11.x before 11.4 are vulnerable to a stack-based buffer overflow. Any authenticated user can overflow a stack-based buffer by changing the user's own password to a purpose-crafted value. This often...

9CVSS8.1AI score0.03711EPSS
Exploits0
F5 Networks
F5 Networks
•added 2025/04/21 5:17 a.m.•13 views

K000150939: cURL vulnerability CVE-2025-0665

Security Advisory Description libcurl would wrongly close the same eventfd file descriptor twice when taking down a connection channel after having completed a threaded name resolve. CVE-2025-0665 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory...

7CVSS8.4AI score0.01253EPSS
Exploits1
F5 Networks
F5 Networks
•added 2025/04/21 12:49 a.m.•21 views

K000150938: Oracle MySQL vulnerabilities CVE-2025-30693 and CVE-2025-30703

Security Advisory Description CVE-2025-30693 Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network access via...

5.5CVSS5AI score0.00869EPSS
Exploits0
F5 Networks
F5 Networks
•added 2025/04/21 12:40 a.m.•10 views

K000150937: Freetype vulnerability CVE-2025-27363

Security Advisory Description An out of bounds write exists in FreeType versions 2.13.0 and below newer versions of FreeType are not vulnerable when attempting to parse font subglyph structures related to TrueType GX and variable font files. The vulnerable code assigns a signed short value to an...

8.1CVSS8AI score0.26049EPSS
Exploits1
F5 Networks
F5 Networks
•added 2025/04/17 4:54 a.m.•9 views

K000150901: Linux kernel vulnerability CVE-2024-46713

Security Advisory Description In the Linux kernel, the following vulnerability has been resolved: perf/aux: Fix AUX buffer serialization Ole reported that event-mmapmutex is strictly insufficient to serialize the AUX buffer, add a per RB mutex to fully serialize it. Note that in the lock order...

7.8CVSS6.4AI score0.00299EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2025/04/16 3:26 p.m.•22 views

K000150879: OpenSSH vulnerability CVE-2025-26466

Security Advisory Description A flaw was found in the OpenSSH package. For each ping packet the SSH server receives, a pong packet is allocated in a memory buffer and stored in a queue of packages. It is only freed when the server/client key exchange has finished. A malicious client may keep...

5.9CVSS7.4AI score0.38474EPSS
Exploits4Affected Software8
Total number of security vulnerabilities6392