Lucene search
K

6413 matches found

F5 Networks
F5 Networks
•added 2023/02/21 7:56 p.m.•37 views

K25893729: Apache Dubbo vulnerability CVE-2021-25641

Security Advisory Description Each Apache Dubbo server will set a serialization id to tell the clients which serialization protocol it is working on. But for Dubbo versions before 2.7.8 or 2.6.9, an attacker can choose which serialization id the Provider will use by tampering with the byte preamb...

9.8CVSS9.4AI score0.17666EPSS
Exploits2
F5 Networks
F5 Networks
•added 2023/02/21 7:56 p.m.•85 views

K74151369: Appliance Mode authenticated iControl REST vulnerability CVE-2021-23015

Security Advisory Description When running in Appliance Mode, an authenticated user assigned the 'Administrator' role may be able to bypass Appliance Mode restrictions utilizing undisclosed iControl REST endpoints. CVE-2021-23015 Note : This vulnerability is unrelated to the vulnerability describ...

7.2CVSS8.8AI score0.01343EPSS
Exploits0Affected Software13
F5 Networks
F5 Networks
•added 2023/02/21 7:56 p.m.•26 views

K21135478: F5 SSL Orchestrator vulnerability CVE-2019-6674

Security Advisory Description The Traffic Management Microkernel TMM may crash when processing SSL Orchestrator data in a service-chaining configuration. CVE-2019-6674 Impact F5 SSL Orchestrator TMM may restart, causing F5 SSL Orchestrator to experience traffic disruption or a failover event...

7.5CVSS7.4AI score0.01044EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:56 p.m.•24 views

K73274382: BIG-IP Virtual Edition TMM vulnerability CVE-2020-5888

Security Advisory Description BIG-IP Virtual Edition VE may expose a mechanism for adjacent network layer 2 attackers to access local daemons and bypass port lockdown settings. CVE-2020-5888 Impact Hosts in adjacent networks may be able to bypass port lockdown settings on BIG-IP VE hosts. Securit...

8.1CVSS7.7AI score0.00574EPSS
Exploits0Affected Software11
F5 Networks
F5 Networks
•added 2023/02/21 7:56 p.m.•61 views

K62282045: Linux kernel vulnerability CVE-2021-38207

Security Advisory Description drivers/net/ethernet/xilinx/lltemacmain.c in the Linux kernel before 5.12.13 allows remote attackers to cause a denial of service buffer overflow and lockup by sending heavy network traffic for about ten minutes. CVE-2021-38207 Impact There is no impact; F5 products...

7.5CVSS6.3AI score0.03354EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:56 p.m.•33 views

K19916307: glibc vulnerability CVE-2015-1473

Security Advisory Description The ADDW macro in stdio-common/vfscanf.c in the GNU C Library aka glibc or libc6 before 2.21 does not properly consider data-type size during a risk-management decision for use of the alloca function, which might allow context-dependent attackers to cause a denial of...

6.4CVSS7.4AI score0.02129EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:56 p.m.•26 views

K17119920: BIG-IP ASM vulnerability CVE-2016-7472

Security Advisory Description When ASM is provisioned and configured, BIG-IP ASM 12.1.0 and 12.1.1 systems may allow remote attackers to cause a denial of service DoS via a crafted HTTP request. CVE-2016-7472 Impact The BIG-IP ASM system may temporarily fail to process traffic as it recovers from...

7.5CVSS7.4AI score0.04542EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 7:56 p.m.•74 views

K51440224: PCRE vulnerability CVE-2016-3191

Security Advisory Description The compilebranch function in pcrecompile.c in PCRE 8.x before 8.39 and pcre2compile.c in PCRE2 before 10.22 mishandles patterns containing an ACCEPT substring in conjunction with nested parentheses, which allows remote attackers to execute arbitrary code or cause a...

9.8CVSS8.9AI score0.0843EPSS
Exploits1Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 7:56 p.m.•24 views

K51351360: Websocket profile vulnerability CVE-2016-9253

Security Advisory Description In F5 BIG-IP 12.1.0 through 12.1.2, specific websocket traffic patterns may cause a disruption of service for virtual servers configured to use the websocket profile. CVE-2016-9253 Note : Virtual servers configured to use the HTTP profile and no websocket profile tha...

7.5CVSS7.4AI score0.01335EPSS
Exploits0Affected Software10
F5 Networks
F5 Networks
•added 2023/02/21 7:56 p.m.•33 views

K12936322: BIG-IP restjavad vulnerability CVE-2020-5912

Security Advisory Description The restjavad process dump command does not follow current best coding practices and may overwrite arbitrary files. CVE-2020-5912 Impact A locally authenticated attacker may exploit this vulnerability by overwriting arbitrary files on the file system. Security Adviso...

7.1CVSS6.9AI score0.00321EPSS
Exploits0Affected Software14
F5 Networks
F5 Networks
•added 2023/02/21 7:56 p.m.•138 views

K10065173: TMM TLS virtual server vulnerability CVE-2019-6593

Security Advisory Description A BIG-IP virtual server configured with a Client SSL profile may be vulnerable to a chosen ciphertext attack against CBC ciphers. When exploited, this may result in plaintext recovery of encrypted messages through a man-in-the-middle MITM attack, despite the attacker...

5.9CVSS6.6AI score0.00653EPSS
Exploits0Affected Software13
F5 Networks
F5 Networks
•added 2023/02/21 7:56 p.m.•42 views

K44503763: libcurl vulnerability CVE-2016-8617

Security Advisory Description The base64 encode function in curl before version 7.51.0 is prone to a buffer being under allocated in 32bit systems if it receives at least 1Gb as input via CURLOPTUSERNAME. CVE-2016-8617 Impact This vulnerability may allow an attacker to overwrite memory behind the...

7CVSS7.4AI score0.00593EPSS
Exploits0Affected Software24
F5 Networks
F5 Networks
•added 2023/02/21 7:56 p.m.•139 views

K07519400: Java SE vulnerabilities CVE-2019-2602, CVE-2019-2698, CVE-2019-2945, and CVE-2019-2962

Security Advisory Description CVE-2019-2602 Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Libraries. Supported versions that are affected are Java SE: 7u211, 8u202, 11.0.2 and 12; Java SE Embedded: 8u201. Easily exploitable vulnerability allows...

8.1CVSS6AI score0.12013EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 7:56 p.m.•66 views

K04755144: Multiple QEMU vulnerabilities

Security Advisory Description CVE-2015-8613 Stack-based buffer overflow in the megasasctrlgetinfo function in QEMU, when built with SCSI MegaRAID SAS HBA emulation support, allows local guest users to cause a denial of service QEMU instance crash via a crafted SCSI controller CTRLGETINFO command...

7.5CVSS7.3AI score0.03897EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:56 p.m.•45 views

K43239141: 9p filesystem vulnerability CVE-2019-16413

Security Advisory Description The 9p filesystem did not protect isizewrite properly, which causes an isizeread infinite loop and denial of service on SMP systems. CVE-2019-16413 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Product...

7.5CVSS7.3AI score0.02895EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 7:56 p.m.•36 views

K03442392: BIG-IP ASM and Advanced WAF vulnerability CVE-2022-26890

Security Advisory Description When ASM or Advanced WAF, as well as APM, are configured on a virtual server, the ASM policy is configured with Session Awareness, and the "Use APM Username and Session ID" option is enabled, undisclosed requests can cause the bd process to terminate. CVE-2022-26890...

7.5CVSS7.5AI score0.00868EPSS
Exploits0Affected Software3
F5 Networks
F5 Networks
•added 2023/02/21 7:56 p.m.•33 views

K03512441: ImageMagick vulnerability CVE-2019-13136

Security Advisory Description ImageMagick before 7.0.8-50 has an integer overflow vulnerability in the function TIFFSeekCustomStream in coders/tiff.c. CVE-2019-13136 Impact BIG-IP AAM, Edge Gateway, WebAccelerator This issue affects BIG-IP systems only when WAM or AAM is provisioned. If exploited...

7.8CVSS7.4AI score0.01457EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 7:56 p.m.•27 views

K01243064: BIG-IQ HA vulnerability CVE-2021-23005

Security Advisory Description When using a Quorum device for BIG-IQ high availability HA for automatic failover, BIG-IQ does not make use of Transport Layer Security TLS with the Corosync protocol. CVE-2021-23005 Impact BIG-IQ An on-path attacker may be able to read or modify data in transit, whi...

9.1CVSS8.7AI score0.00998EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 7:56 p.m.•82 views

K40521234: Multiple Oracle Java SE vulnerabilities

Security Advisory Description CVE-2016-3458 Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; and Java SE Embedded 8u91 allows remote attackers to affect integrity via vectors related to CORBA. CVE-2016-3498 Unspecified vulnerability in Oracle Java SE 7u101 and 8u92 allows remot...

9.6CVSS6.8AI score0.0669EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:56 p.m.•37 views

K34527393: LibTIFF vulnerabilities CVE-2016-9533, CVE-2016-9534, and CVE-2016-9535

Security Advisory Description CVE-2016-9533 tifpixarlog.c in libtiff 4.0.6 has out-of-bounds write vulnerabilities in heap allocated buffers. Reported as MSVR 35094, aka "PixarLog horizontalDifference heap-buffer-overflow." CVE-2016-9534 tifwrite.c in libtiff 4.0.6 has an issue in the error code...

9.8CVSS8.6AI score0.04767EPSS
Exploits1Affected Software3
F5 Networks
F5 Networks
•added 2023/02/21 7:56 p.m.•39 views

K30046854: Linux kernel vulnerability CVE-2019-19332

Security Advisory Description An out-of-bounds memory write issue was found in the Linux Kernel, version 3.13 through 5.4, in the way the Linux kernel's KVM hypervisor handled the 'KVMGETEMULATEDCPUID' ioctl2 request to get CPUID features emulated by the KVM hypervisor. A user or process able to...

6.1CVSS6.8AI score0.00679EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 7:56 p.m.•38 views

K35155453: Multiple LibTIFF vulnerabilities

Security Advisory Description CVE-2015-8683 The putcontig8bitCIELab function in tifgetimage.c in LibTIFF 4.0.6 allows remote attackers to cause a denial of service out-of-bounds read via a packed TIFF image. CVE-2015-8665 tifgetimage.c in LibTIFF 4.0.6 allows remote attackers to cause a denial of...

8.8CVSS8.3AI score0.05669EPSS
Exploits2Affected Software2
F5 Networks
F5 Networks
•added 2023/02/21 7:56 p.m.•40 views

K23391972: cURL and libcurl vulnerability CVE-2016-8622

Security Advisory Description The URL percent-encoding decode function in libcurl before 7.51.0 is called curleasyunescape. Internally, even if this function would be made to allocate a unscape destination buffer larger than 2GB, it would return that new length in a signed 32 bit integer variable...

9.8CVSS8.2AI score0.0467EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 7:56 p.m.•38 views

K28410870: LibTIFF vulnerability CVE-2015-8668

Security Advisory Description Heap-based buffer overflow in the PackBitsPreEncode function in tifpackbits.c in bmp2tiff in libtiff 4.0.6 and earlier allows remote attackers to execute arbitrary code or cause a denial of service via a large width field in a BMP image. CVE-2015-8668 Impact There is...

9.8CVSS8.6AI score0.13722EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 7:56 p.m.•48 views

K29421535: Intel processor vulnerability CVE-2021-33117

Security Advisory Description Improper access control for some 3rd Generation IntelR XeonR Scalable Processors before BIOS version MR7, may allow a local attacker to potentially enable information disclosure via local access. CVE-2021-33117 Impact This vulnerability may potentially allow a local...

5.5CVSS5.2AI score0.00306EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 7:56 p.m.•59 views

K21458044: Linux kernel vulnerability CVE-2020-10942

Security Advisory Description In the Linux kernel before 5.5.8, getrawsocket in drivers/vhost/net.c lacks validation of an skfamily field, which might allow attackers to trigger kernel stack corruption via crafted system calls. CVE-2020-10942 Impact There is no impact; F5 products are not affecte...

5.4CVSS6.2AI score0.00962EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 7:56 p.m.•45 views

K15122200: Linux kernel vulnerability CVE-2019-3460

Security Advisory Description A heap data infoleak in multiple locations including L2CAPPARSECONFRSP was found in the Linux kernel before 5.1-rc1. CVE-2019-3460 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Product Development has...

6.5CVSS6.1AI score0.01827EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 7:56 p.m.•117 views

K14234227: Apache DB DdlUtils vulnerability CVE-2021-41616

Security Advisory Description Apache DB DdlUtils 1.0 included a BinaryObjectsHelper that was intended for use when migrating database data with a SQL data type of BINARY, VARBINARY, LONGVARBINARY, or BLOB between databases using the ddlutils features. The BinaryObjectsHelper class was insecure an...

9.8CVSS8.4AI score0.03214EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:56 p.m.•59 views

K14086714: BIND vulnerability CVE-2022-1183

Security Advisory Description On vulnerable configurations, the named daemon may, in some circumstances, terminate with an assertion failure. Vulnerable configurations are those that include a reference to http within the listen-on statements in their named.conf. TLS is used by both DNS over TLS...

7.5CVSS7.4AI score0.06394EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:56 p.m.•79 views

K11312491: Intel AMT SDK, Intel SCS, or Intel MEBx vulnerability CVE-2021-33107

Security Advisory Description Insufficiently protected credentials in USB provisioning for IntelR AMT SDK before version 16.0.3, IntelR SCS before version 12.2 and IntelR MEBx before versions 11.0.0.0012, 12.0.0.0011, 14.0.0.0004 and 15.0.0.0004 may allow an unauthenticated user to potentially...

4.6CVSS4.4AI score0.00251EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:56 p.m.•177 views

K07010600: BIND vulnerability CVE-2022-3080

Security Advisory Description By sending specific queries to the resolver, an attacker can cause named to crash. CVE-2022-3080 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Product Development has evaluated the currently supported...

7.5CVSS7.6AI score0.01555EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:56 p.m.•26 views

K10251014: BIG-IP VE TMM vulnerability CVE-2020-5887

Security Advisory Description BIG-IP Virtual Edition VE may expose a mechanism for remote attackers to access local daemons and bypass port lockdown settings. CVE-2020-5887 Impact The vulnerability can occur on BIG-IP VE systems with the following configuration: An IPv6 forwarding virtual server ...

9.1CVSS8.7AI score0.01803EPSS
Exploits0Affected Software13
F5 Networks
F5 Networks
•added 2023/02/21 7:56 p.m.•34 views

K98750200: Server component of Oracle MySQL vulnerabilities CVE-2017-3243, CVE-2017-3244, CVE-2017-3257, CVE-2017-3265, and CVE-2017-3273

Security Advisory Description CVE-2017-3243 Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Charsets. Supported versions that are affected are 5.5.53 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple...

6.5CVSS6.4AI score0.04343EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:56 p.m.•62 views

K01934914: Ruby-MySQL vulnerability CVE-2021-3779

Security Advisory Description A malicious MySQL server can request local file content from a client using ruby-mysql prior to version 2.10.0 without explicit authorization from the user. This issue was resolved in version 2.10.0 and later. CVE-2021-3779 Impact There is no impact; F5 products are...

6.5CVSS6.5AI score0.01107EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 7:56 p.m.•53 views

K00947806: Linux kernel vulnerability CVE-2019-3846

Security Advisory Description A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network. CVE-2019-3846 Impact There is no impact; F5 products are not affected by this vulnerability...

8.8CVSS7.7AI score0.05649EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 7:56 p.m.•41 views

K02254805: InfiniBand vulnerability in the Linux kernel CVE-2016-4565

Security Advisory Description The InfiniBand aka IB stack in the Linux kernel before 4.5.3 incorrectly relies on the write system call, which allows local users to cause a denial of service kernel memory write operation or possibly have unspecified other impact via a uAPI interface. CVE-2016-4565...

7.8CVSS6.7AI score0.00483EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:56 p.m.•33 views

K01993501: Linux kernel vulnerability CVE-2016-10906

Security Advisory Description An issue was discovered in drivers/net/ethernet/arc/emacmain.c in the Linux kernel before 4.5. A use-after-free is caused by a race condition between the functions arcemactx and arcemactxclean. CVE-2016-10906 Impact There is no impact; F5 products are not affected by...

7CVSS6.3AI score0.0037EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:56 p.m.•42 views

K00040234: BIND vulnerability CVE-2018-5744

Security Advisory Description A failure to free memory can occur when processing messages having a specific combination of EDNS options. Versions affected are: BIND 9.10.7 - 9.10.8-P1, 9.11.3 - 9.11.5-P1, 9.12.0 - 9.12.3-P1, and versions 9.10.7-S1 - 9.11.5-S3 of BIND 9 Supported Preview Edition...

7.5CVSS7.7AI score0.03353EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:56 p.m.•74 views

K93951507: Multiple Samba vulnerabilities

Security Advisory Description CVE-2020-1472 An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol MS-NRPC, aka 'Netlogon Elevation of Privilege Vulnerability'...

10CVSS7.5AI score0.99512EPSS
Exploits75
F5 Networks
F5 Networks
•added 2023/02/21 7:56 p.m.•43 views

K92071148: Server component of Oracle MySQL vulnerabilities CVE-2016-8318, CVE-2017-3291, CVE-2017-3312, CVE-2017-3313, and CVE-2017-3320

Security Advisory Description CVE-2016-8318 Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Security: Encryption. Supported versions that are affected are 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker...

6.8CVSS6.9AI score0.01348EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:56 p.m.•48 views

K90492697: OpenSSL vulnerability CVE-2016-6306

Security Advisory Description The certificate parser in OpenSSL before 1.0.1u and 1.0.2 before 1.0.2i might allow remote attackers to cause a denial of service out-of-bounds read via crafted certificate operations, related to s3clnt.c and s3srvr.c. CVE-2016-6306 Impact This vulnerability may allo...

5.9CVSS8AI score0.41683EPSS
Exploits1Affected Software25
F5 Networks
F5 Networks
•added 2023/02/21 7:56 p.m.•41 views

K89434121: Linux kernel vulnerability CVE-2017-12193

Security Advisory Description The assocarrayinsertintoterminalnode function in lib/assocarray.c in the Linux kernel before 4.13.11 mishandles node splitting, which allows local users to cause a denial of service NULL pointer dereference and panic via a crafted application, as demonstrated by the...

5.5CVSS5.6AI score0.00451EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:56 p.m.•43 views

K75540265: BIG-IP APM ACL bypass vulnerability CVE-2021-23016

Security Advisory Description An attacker may be able to bypass APM's internal restrictions and retrieve static content that is hosted within APM by sending specifically crafted requests to an APM Virtual Server. CVE-2021-23016 Impact This vulnerability may allow an attacker to retrieve static...

5.3CVSS5.4AI score0.00833EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 7:56 p.m.•111 views

K64921482: Apache Tomcat vulnerability CVE-2018-11784

Security Advisory Description When the default servlet in Apache Tomcat versions 9.0.0.M1 to 9.0.11, 8.5.0 to 8.5.33 and 7.0.23 to 7.0.90 returned a redirect to a directory e.g. redirecting to '/foo/' when the user requested '/foo' a specially crafted URL could be used to cause the redirect to be...

4.3CVSS6.1AI score0.94494EPSS
Exploits3Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 7:56 p.m.•44 views

K63771715: Linux kernel vulnerability CVE-2017-7261

Security Advisory Description The vmwsurfacedefineioctl function in drivers/gpu/drm/vmwgfx/vmwgfxsurface.c in the Linux kernel through 4.10.5 does not check for a zero value of certain levels data, which allows local users to cause a denial of service ZEROSIZEPTR dereference, and GPF and possibly...

5.5CVSS6AI score0.00366EPSS
Exploits0Affected Software16
F5 Networks
F5 Networks
•added 2023/02/21 7:56 p.m.•41 views

K63545041: Server component of Oracle MySQL vulnerabilities CVE-2017-3317, CVE-2017-3318, and CVE-2017-3319

Security Advisory Description CVE-2017-3317 Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Logging. Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker...

4CVSS5.4AI score0.01346EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:56 p.m.•44 views

K70569537: BIG-IP DNS Express vulnerability CVE-2022-41787

Security Advisory Description When the DNS profile is configured on a virtual server with DNS Express enabled, undisclosed DNS queries with Domain Name System Security Extensions DNSSEC can cause the Traffic Management Microkernel TMM to terminate. CVE-2022-41787 Impact Traffic is disrupted while...

7.5CVSS7.6AI score0.00616EPSS
Exploits0Affected Software2
F5 Networks
F5 Networks
•added 2023/02/21 7:56 p.m.•25 views

K60511369: Intel Data Center SSDs vulnerability CVE-2020-0527

Security Advisory Description Insufficient control flow management in firmware for some IntelR Data Center SSDs may allow a privileged user to potentially enable information disclosure via local access. CVE-2020-0527 Impact There is no impact; F5 products are not affected by this vulnerability...

4.4CVSS4.1AI score0.00331EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:56 p.m.•128 views

K53420251: Linux kernel vulnerability CVE-2019-15666

Security Advisory Description An issue was discovered in the Linux kernel before 5.0.19. There is an out-of-bounds array access in xfrmpolicyunlink, which will cause denial of service, because verifynewpolicyinfo in net/xfrm/xfrmuser.c mishandles directory validation. CVE-2019-15666 Impact This...

4.9CVSS7AI score0.0173EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 7:56 p.m.•40 views

K46123931: cURL and libcurl vulnerability CVE-2016-8619

Security Advisory Description The function readdata in security.c in curl before version 7.51.0 is vulnerable to memory double free. CVE-2016-8619 Impact An attacker may use this vulnerability to exploit the usage of the cURL command with Kerberos authentication on custom BIG-IP monitors and/or t...

9.8CVSS7.9AI score0.04989EPSS
Exploits0Affected Software16
Total number of security vulnerabilities6413