Lucene search
K

6413 matches found

F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•28 views

K64855220: F5 TMUI and iControl Rest vulnerability CVE-2019-6634

Security Advisory Description High volume of malformed analytics report requests leads to instability in restjavad process. This causes issues with both iControl REST and some portions of TMUI. The attack requires an authenticated user with any role. CVE-2019-6634 Note: The No Access user role is...

6.5CVSS6.6AI score0.01448EPSS
Exploits0Affected Software13
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•36 views

K65292036: Linux kernel vulnerability CVE-2019-15791

Security Advisory Description In shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, shiftfsbtrfsioctlfdreplace installs an fd referencing a file from the lower filesystem without taking an additional reference to that file. After the btrfs ioctl...

7.8CVSS7.5AI score0.01317EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•24 views

K84084843: NGINX Controller installer vulnerability CVE-2020-5911

Security Advisory Description The NGINX Controller installer starts the download of Kubernetes packages from an HTTP URL On Debian/Ubuntu system. CVE-2020-5911 Impact A man-in-the-middle MITM attacker can use this vulnerability to intercept the insecure HTTP channel and convincingly forge...

7.5CVSS7.4AI score0.01006EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•43 views

K75952001: QEMU vulnerability CVE-2019-15890

Security Advisory Description libslirp 4.0.0, as used in QEMU 4.1.0, has a use-after-free in ipreass in ipinput.c. CVE-2019-15890 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Product Development has evaluated the currently supported...

7.5CVSS7AI score0.04027EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•42 views

K04320238: MySQL vulnerabilities CVE-2018-3276, CVE-2018-3277, CVE-2018-3278, CVE-2018-3279, and CVE-2018-3280

Security Advisory Description CVE-2018-3276 Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Memcached. Supported versions that are affected are 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attack...

4.9CVSS6AI score0.03558EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•105 views

K51975973: Eclipse Jetty vulnerability CVE-2021-34428

Security Advisory Description For Eclipse Jetty versions = 9.4.40, = 10.0.2, = 11.0.2, if an exception is thrown from the SessionListenersessionDestroyed method, then the session ID is not invalidated in the session ID manager. On deployments with clustered sessions and multiple contexts this can...

3.6CVSS6.5AI score0.00963EPSS
Exploits1Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•74 views

K28464509: PHP vulnerability CVE-2018-7584

Security Advisory Description In PHP through 5.6.33, 7.0.x before 7.0.28, 7.1.x through 7.1.14, and 7.2.x through 7.2.2, there is a stack-based buffer under-read while parsing an HTTP response in the phpstreamurlwraphttpex function in ext/standard/httpfopenwrapper.c. This subsequently results in...

9.8CVSS8AI score0.87606EPSS
Exploits3
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•55 views

K92052341: Linux kernel vulnerability CVE-2021-29266

Security Advisory Description An issue was discovered in the Linux kernel before 5.11.9. drivers/vhost/vdpa.c has a use-after-free because v-configctx has an invalid value upon re-opening a character device, aka CID-f6bbf0010ba0. CVE-2021-29266 Impact There is no impact; F5 products are not...

7.8CVSS6.3AI score0.00318EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•29 views

K34514540: TMM vulnerability CVE-2017-6138

Security Advisory Description Malicious requests made to virtual servers with an HTTP profile can cause the TMM to restart. The issue is exposed with BIG-IP APM profiles, regardless of settings. The issue is also exposed with the non-default "normalize URI" configuration options used in iRules...

7.5CVSS7.5AI score0.01585EPSS
Exploits0Affected Software11
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•37 views

K36228121: BIG-IP DHCPv6 vulnerability CVE-2019-6643

Security Advisory Description An attacker sending specifically crafted DHCPv6 requests through a BIG-IP virtual server configured with a DHCPv6 profile may be able to cause the Traffic Management Microkernel TMM process to produce a core file. CVE-2019-6643 Impact This vulnerability may allow an...

7.5CVSS7.3AI score0.01348EPSS
Exploits0Affected Software13
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•24 views

K30255576: MySQL vulnerability CVE-2016-5507

Security Advisory Description Unspecified vulnerability in Oracle MySQL 5.6.32 and earlier and 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB. CVE-2016-5507 Impact There is no impact; F5 products are not affected by this vulnerability...

6.8CVSS6.3AI score0.02779EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•39 views

K47605350: MySQL vulnerability CVE-2016-5631

Security Advisory Description Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Memcached. CVE-2016-5631 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory...

4.9CVSS5.5AI score0.02471EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•31 views

K49436091: MySQL vulnerabilities CVE-2018-2668, CVE-2018-2696, and CVE-2018-2703

Security Advisory Description CVE-2018-2668 Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Optimizer. Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacke...

7.8CVSS7.3AI score0.0452EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•26 views

K50212906: MySQL vulnerability CVE-2016-8290

Security Advisory Description Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Performance Schema, a different vulnerability than CVE-2016-5633. CVE-2016-8290 Impact There is no impact; F5 products are...

4.4CVSS4.5AI score0.01746EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•34 views

K35408374: BIG-IP compression driver vulnerability CVE-2021-23044

Security Advisory Description When the Intel QuickAssist Technology QAT compression driver is used on affected BIG-IP hardware and BIG-IP Virtual Edition VE platforms, undisclosed traffic can cause the Traffic Management Microkernel TMM to terminate. CVE-2021-23044 Impact Traffic is disrupted whi...

7.5CVSS7.4AI score0.00933EPSS
Exploits0Affected Software13
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•94 views

K73008537: Apache Tomcat vulnerability CVE-2018-1336

Security Advisory Description An improper handing of overflow in the UTF-8 decoder with supplementary characters can lead to an infinite loop in the decoder causing a Denial of Service. Versions Affected: Apache Tomcat 9.0.0.M9 to 9.0.7, 8.5.0 to 8.5.30, 8.0.0.RC1 to 8.0.51, and 7.0.28 to 7.0.86...

7.5CVSS8.6AI score0.20599EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•40 views

K09417637: Samba vulnerability CVE-2015-3223

Security Advisory Description The ldbwildcardcompare function in ldbmatch.c in ldb before 1.1.24, as used in the AD LDAP server in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, mishandles certain zero values, which allows remote attackers to cause a denial of service infini...

5.3CVSS6.5AI score0.06884EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•49 views

K67644055: PHP vulnerability CVE-2016-5772

Security Advisory Description Double free vulnerability in the phpwddxprocessdata function in wddx.c in the WDDX extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via...

9.8CVSS8.3AI score0.09674EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•31 views

K26430555: MySQL vulnerability CVE-2016-5625

Security Advisory Description Unspecified vulnerability in Oracle MySQL 5.7.14 and earlier allows local users to affect confidentiality, integrity, and availability via vectors related to Server: Packaging. CVE-2016-5625 Impact There is no impact; F5 products are not affected by this vulnerabilit...

7CVSS5.6AI score0.00399EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•33 views

K11220361: LibTIFF vulnerability CVE-2015-1547

Security Advisory Description The NeXTDecode function in tifnext.c in LibTIFF allows remote attackers to cause a denial of service uninitialized memory access via a crafted TIFF image, as demonstrated by libtiff5.tif. CVE-2015-1547 Impact This vulnerability allows a remote attacker to cause a...

6.5CVSS7.2AI score0.03341EPSS
Exploits1Affected Software2
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•36 views

K66782293: TMM vulnerability CVE-2021-23039

Security Advisory Description When IPSec is configured on a BIG-IP system, undisclosed requests from an authorized remote IPSec peer, which already has a negotiated Security Association, can cause the Traffic Management Microkernel TMM to terminate. CVE-2021-23039 Impact Traffic is disrupted whil...

7.5CVSS7.4AI score0.0095EPSS
Exploits0Affected Software11
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•41 views

K20226900: F5 WebSafe Dashboard vulnerability CVE-2018-5545

Security Advisory Description A malicious, authenticated user can execute code on the F5 WebSafe Alert Server by using a maliciously crafted payload. CVE-2018-5545 Impact F5 WebSafe Alert Server An attacker with an authenticated account may be able to perform a malicious remote code execution on...

8.8CVSS9AI score0.02394EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•34 views

K13201415: MySQL vulnerability CVE-2016-5616

Security Advisory Description Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows local users to affect confidentiality, integrity, and availability via vectors related to Server: MyISAM. CVE-2016-5616 Impact There is no impact; F5...

6.2AI score
Exploits10
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•60 views

K10754336: MySQL vulnerabilities CVE-2019-2808, CVE-2019-2810, CVE-2019-2811, CVE-2019-2812, and CVE-2019-2814

Security Advisory Description CVE-2019-2808 Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Optimizer. Supported versions that are affected are 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple...

6.5CVSS4.8AI score0.02085EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•54 views

K05415626: Apache HTTPD vulnerability CVE-2017-7659

Security Advisory Description A maliciously constructed HTTP/2 request could cause modhttp2 2.4.24, 2.4.25 to dereference a NULL pointer and crash the server process. CVE-2017-7659 Impact A remote attacker can use a maliciously crafted HTTP/2 request to cause an abnormal termination on the Apache...

7.5CVSS7.2AI score0.53939EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•38 views

K44453423: IP-in-IP Packet Processing vulnerability CVE-2020-10136

Security Advisory Description Multiple products that implement the IP Encapsulation within IP standard RFC 2003, STD 1 decapsulate and route IP-in-IP traffic without any validation, which could allow an unauthenticated remote attacker to route arbitrary traffic via an exposed network interface an...

5.3CVSS5.7AI score0.28537EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•98 views

K50974556: Overview of F5 vulnerabilities (August 2021)

Security Advisory Description On August 24, 2021, F5 announced the following security issues. This document is intended to serve as an overview of these vulnerabilities and security exposures to help determine the impact to your F5 devices. You can find the details of each issue in the associated...

9.9CVSS8.6AI score0.02288EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•32 views

K09092524: Binutils vulnerability CVE-2019-9074

Security Advisory Description An issue was discovered in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.32. It is an out-of-bounds read leading to a SEGV in bfdgetl32 in libbfd.c, when called from pex64getruntimefunction in pei-x8664.c. CVE-2019-9074 Impact...

5.5CVSS7.4AI score0.01569EPSS
Exploits1Affected Software13
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•58 views

K59591931: Drupal vulnerability CVE-2018-7602

Security Advisory Description A remote code execution vulnerability exists within multiple subsystems of Drupal 7.x and 8.x. This potentially allows attackers to exploit multiple attack vectors on a Drupal site, which could result in the site being compromised. This vulnerability is related to...

9.8CVSS7.8AI score0.99236EPSS
Exploits14
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•67 views

K54095660: Linux kernel vulnerability CVE-2016-9555

Security Advisory Description The sctpsfootb function in net/sctp/smstatefuns.c in the Linux kernel before 4.8.8 lacks chunk-length checking for the first chunk, which allows remote attackers to cause a denial of service out-of-bounds slab access or possibly have unspecified other impact via...

10CVSS6.9AI score0.09144EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•21 views

K94325657: BIG-IP restjavad vulnerability CVE-2020-5880

Security Advisory Description The restjavad process may expose a way for attackers to upload arbitrary files on the BIG-IP system, bypassing the authorization system. Resulting error messages may also reveal internal paths of the server. CVE-2020-5880 Impact A remote attacker may be able to fill...

7.1CVSS7.1AI score0.01261EPSS
Exploits0Affected Software11
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•47 views

K03251240: Multiple Apache OFBiz vulnerabilities CVE-2021-29200, CVE-2021-30128

Security Advisory Description CVE-2021-29200 Apache OFBiz has unsafe deserialization prior to 17.12.07 version An unauthenticated user can perform an RCE attack CVE-2021-30128 Apache OFBiz has unsafe deserialization prior to 17.12.07 version Impact There is no impact; F5 products are not affected...

10CVSS9.5AI score0.81079EPSS
Exploits2
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•32 views

K02884135: Binutils vulnerability CVE-2019-9071

Security Advisory Description An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. It is a stack consumption issue in dcounttemplatesscopes in cp-demangle.c after many recursive calls. CVE-2019-9071 Impact There is no impact; F5 products are not affected by this...

5.5CVSS6AI score0.01813EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•46 views

K71581599: libgd vulnerability CVE-2016-6161

Security Advisory Description The output function in gdgifout.c in the GD Graphics Library aka libgd allows remote attackers to cause a denial of service out-of-bounds read via a crafted image. CVE-2016-6161 Impact When using PHP to generate GIF images, it is possible for a specially crafted GD2...

6.5CVSS6.8AI score0.02772EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•52 views

K85307687: cURL and libcurl vulnerabilities CVE-2014-3613, CVE-2014-3707, and CVE-2014-8150

Security Advisory Description CVE-2014-3613 cURL and libcurl before 7.38.0 does not properly handle IP addresses in cookie domain names, which allows remote attackers to set cookies for or send arbitrary cookies to certain sites, as demonstrated by a site at 192.168.0.1 setting cookies for a site...

5CVSS8.4AI score0.07432EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•54 views

K84947349: OpenJDK vulnerabilities CVE-2015-2601, CVE-2015-2621, CVE-2015-2632, CVE-2015-4748, and CVE-2015-4749

Security Advisory Description CVE-2015-2601 Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, JRockit R28.3.6, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via vectors related to JCE. CVE-2015-2621 Unspecified vulnerability in Oracle Java SE...

7.6CVSS4.7AI score0.44595EPSS
Exploits0Affected Software2
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•41 views

K36784855: Apache Tomcat vulnerability CVE-2016-0762

Security Advisory Description The Realm implementations in Apache Tomcat versions 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 did not process the supplied password if the supplied user name did not exist. This made a timing attack possible to...

5.9CVSS6.6AI score0.07991EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•134 views

K37012655: Linux kernel vulnerability CVE-2016-7042

Security Advisory Description The prockeysshow function in security/keys/proc.c in the Linux kernel through 4.8.2, when the GNU Compiler Collection gcc stack protector is enabled, uses an incorrect buffer size for certain timeout data, which allows local users to cause a denial of service stack...

6.2CVSS6.6AI score0.00395EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•56 views

K69734255: INTEL-SA-00251 - Intel NUC Firmware vulnerability CVE-2019-11094

Security Advisory Description Insufficient input validation in system firmware for Intel R NUC Kit may allow an authenticated user to potentially enable escalation of privilege, denial of service, and/or information disclosure via local access. CVE-2019-11094 Impact There is no impact; F5 product...

7.8CVSS7.4AI score0.00359EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•92 views

K54308010: PHP vulnerability CVE-2016-7124

Security Advisory Description ext/standard/varunserializer.c in PHP before 5.6.25 and 7.x before 7.0.10 mishandles certain invalid objects, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted serialized data that leads to a 1 destruct...

9.8CVSS9.2AI score0.16482EPSS
Exploits2Affected Software20
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•45 views

K52114338: systemd vulnerability CVE-2017-9445

Security Advisory Description In systemd through 233, certain sizes passed to dnspacketnew in systemd-resolved can cause it to allocate a buffer that's too small. A malicious DNS server can exploit this via a response with a specially crafted TCP payload to trick systemd-resolved into allocating ...

7.5CVSS7.9AI score0.55116EPSS
Exploits1Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•116 views

K44500413: Linux kernel vulnerability CVE-2016-2069

Security Advisory Description Race condition in arch/x86/mm/tlb.c in the Linux kernel before 4.4.1 allows local users to gain privileges by triggering access to a paging structure by a different CPU. CVE-2016-2069 Impact There is no impact; F5 products are not affected by this vulnerability...

7.4CVSS7.2AI score0.00315EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•35 views

K53590702: BIG-IP engineering hotfix TMM vulnerability CVE-2020-5852

Security Advisory Description Undisclosed traffic patterns received may cause a disruption of service to the Traffic Management Microkernel TMM. This vulnerability affects TMM through a virtual server configured with a FastL4 profile. Traffic processing is disrupted while TMM restarts...

7.5CVSS7.5AI score0.01204EPSS
Exploits0Affected Software11
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•63 views

K41103561: libxml2 vulnerability CVE-2016-4448

Security Advisory Description Format string vulnerability in libxml2 before 2.9.4 allows attackers to have unspecified impact via format string specifiers in unknown vectors. CVE-2016-4448 Impact Allows an attacker unauthorized disclosure of information, unauthorized modification, and disruption ...

10CVSS8.6AI score0.07039EPSS
Exploits0Affected Software24
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•24 views

K33245306: INTEL-SA-00244 - Intel Quartus Prime Software CVE-2019-0171

Security Advisory Description Improper directory permissions in the installer for IntelR QuartusR software may allow an authenticated user to potentially enable escalation of privilege via local access. CVE-2019-0171 Impact There is no impact; F5 products are not affected by this vulnerability...

7.8CVSS7.8AI score0.00319EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•51 views

K23030550: Linux kernel vulnerability CVE-2016-8399

Security Advisory Description An elevation of privilege vulnerability in the kernel networking subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged proce...

7.6CVSS6.9AI score0.02341EPSS
Exploits0Affected Software22
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•51 views

K35232053: PHP vulnerability CVE-2016-7125

Security Advisory Description ext/session/session.c in PHP before 5.6.25 and 7.x before 7.0.10 skips invalid session names in a way that triggers incorrect parsing, which allows remote attackers to inject arbitrary-type session data by leveraging control of a session name, as demonstrated by obje...

7.5CVSS8.6AI score0.0578EPSS
Exploits1Affected Software21
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•44 views

K41827200: MySQL vulnerabilities CVE-2018-2562, CVE-2018-2573, CVE-2018-2576, CVE-2018-2583, and CVE-2018-2590

Security Advisory Description CVE-2018-2562 Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server : Partition. Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.19 and prior. Easily exploitable vulnerability allows low privileged attack...

7.5CVSS6.5AI score0.03389EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•24 views

K24415506: BIG-IP APM portal access reflected XSS vulnerability CVE-2020-5889

Security Advisory Description In BIG-IP APM portal access, a specially crafted HTTP request can lead to reflected XSS after the BIG-IP APM system rewrites the HTTP response from the untrusted backend server and sends it to the client. CVE-2020-5889 Impact An attacker can craft a malicious URL and...

5.4CVSS5.1AI score0.0072EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 7:0 p.m.•30 views

K23328310: TMM vulnerability CVE-2018-15330

Security Advisory Description When a virtual server uses the inflate functionality to process a gzip bomb as a payload, the BIG-IP system will experience a fatal error and may cause the Traffic Management Microkernel TMM to produce a core file. CVE-2018-15330 Impact An attacker may be able to...

7.8CVSS7.6AI score0.01344EPSS
Exploits0Affected Software13
Total number of security vulnerabilities6413