Lucene search
K

6413 matches found

F5 Networks
F5 Networks
•added 2023/02/21 6:59 p.m.•58 views

K27053426: Spring data XML vulnerability CVE-2018-1259

Security Advisory Description Spring Data Commons, versions 1.13 prior to 1.13.12 and 2.0 prior to 2.0.7, used in combination with XMLBeam 1.4.14 or earlier versions, contains a property binder vulnerability caused by improper restriction of XML external entity references as underlying library...

7.5CVSS7.8AI score0.0497EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 6:59 p.m.•39 views

K29814751: Intel AMT vulnerabilities CVE-2020-0537, CVE-2020-0538, and CVE-2020-0540

Security Advisory Description CVE-2020-0537 Improper input validation in subsystem for IntelR AMT versions before 11.8.77, 11.12.77, 11.22.77 and 12.0.64 may allow a privileged user to potentially enable denial of service via network access. CVE-2020-0538 Improper input validation in subsystem fo...

7.5CVSS5.8AI score0.0231EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:59 p.m.•45 views

K30002521: GNU C Library vulnerability CVE-2018-19591

Security Advisory Description In the GNU C Library aka glibc or libc6 through 2.28, attempting to resolve a crafted hostname via getaddrinfo leads to the allocation of a socket descriptor that is not closed. This is related to the ifnametoindex function. CVE-2018-19591 Impact There is no impact; ...

7.5CVSS7.5AI score0.05532EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 6:59 p.m.•61 views

K27238230: glibc vulnerability CVE-2020-29573

Security Advisory Description sysdeps/i386/ldbl2mpn.c in the GNU C Library aka glibc or libc6 before 2.23 on x86 targets has a stack-based buffer overflow if the input to any of the printf family of functions is an 80-bit long double with a non-canonical bit pattern, as seen when passing a...

7.5CVSS7.1AI score0.02765EPSS
Exploits0Affected Software15
F5 Networks
F5 Networks
•added 2023/02/21 6:59 p.m.•62 views

K28409184: Mozilla NSS vulnerability CVE-2020-12413

Security Advisory Description The Raccoon attack is a timing attack on DHE ciphersuites inherit in the TLS specification. To mitigate this vulnerability, Firefox disabled support for DHE ciphersuites. CVE-2020-12413 Impact This can lead to an attacker being able to compute the pre-master secret i...

5.9CVSS7.5AI score0.00594EPSS
Exploits0Affected Software2
F5 Networks
F5 Networks
•added 2023/02/21 6:59 p.m.•46 views

K49921213: glibc vulnerability CVE-2020-1752

Security Advisory Description A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker could exploit thi...

7CVSS7.5AI score0.00535EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:59 p.m.•57 views

K52004282: Linux kernel vulnerability CVE-2021-32606

Security Advisory Description In the Linux kernel 5.11 through 5.12.2, isotpsetsockopt in net/can/isotp.c allows privilege escalation to root by leveraging a use-after-free. This does not affect earlier versions that lack CAN ISOTP SFBROADCAST support. CVE-2021-32606 Impact There is no impact; F5...

7.8CVSS6.3AI score0.00418EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:59 p.m.•38 views

K52180214: MCPD vulnerability CVE-2016-7474

Security Advisory Description In some cases, the MCPD binary cache may allow a user with Advanced Shell access to temporarily obtain normally unrecoverable information. CVE-2016-7474 Impact A local user may have access to sensitive data such as passwords for recently created local user accounts a...

5.5CVSS5.6AI score0.00361EPSS
Exploits0Affected Software14
F5 Networks
F5 Networks
•added 2023/02/21 6:59 p.m.•29 views

K10587158: MySQL vulnerability CVE-2016-8284

Security Advisory Description Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.13 and earlier allows local users to affect availability via vectors related to Server: Replication. CVE-2016-8284 Impact There is no impact; F5 products are not affected by this vulnerability...

1.8CVSS4.1AI score0.00404EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:59 p.m.•167 views

K06420357: PHP vulnerability CVE-2017-16642

Security Advisory Description In PHP before 5.6.32, 7.x before 7.0.25, and 7.1.x before 7.1.11, an error in the date extension's timelibmeridian handling of 'front of' and 'back of' directives could be used by attackers able to supply date strings to leak information from the interpreter, related...

7.5CVSS6.3AI score0.26373EPSS
Exploits2
F5 Networks
F5 Networks
•added 2023/02/21 6:59 p.m.•51 views

K08037765: Qt vulnerabilities CVE-2018-19869, CVE-2018-19870, CVE-2018-19871, and CVE-2018-19873

Security Advisory Description CVE-2018-19869 An issue was discovered in Qt before 5.11.3. A malformed SVG image causes a segmentation fault in qsvghandler.cpp. CVE-2018-19870 An issue was discovered in Qt before 5.11.3. A malformed GIF image causes a NULL pointer dereference in QGifHandler...

9.8CVSS7.2AI score0.03382EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:59 p.m.•43 views

K52285493: Multiple Intel CPU vulnerabilities

Security Advisory Description CVE-2020-8670 Race condition in the firmware for some IntelR Processors may allow a privileged user to potentially enable escalation of privilege via local access. CVE-2020-8700 Improper input validation in the firmware for some IntelR Processors may allow a privileg...

7.8CVSS6AI score0.00347EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:59 p.m.•57 views

K38893457: BIG-IP DNS TMUI vulnerability CVE-2022-33947

Security Advisory Description A vulnerability exists in undisclosed pages of the BIG-IP DNS Traffic Management User Interface TMUI that allows an authenticated attacker with at least operator role privileges to cause the Tomcat process to restart and perform unauthorized DNS requests and operatio...

6.5CVSS6.3AI score0.00626EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 6:59 p.m.•35 views

K45353544: SSL virtual server vulnerability CVE-2019-6605

Security Advisory Description An undisclosed sequence of packets received by an SSL virtual server and processed by an associated Client SSL or Server SSL profile may cause a denial of service. CVE-2019-6605 Impact This vulnerability allows an unauthorized disruption of service. Security Advisory...

7.5CVSS7.5AI score0.01693EPSS
Exploits0Affected Software13
F5 Networks
F5 Networks
•added 2023/02/21 6:59 p.m.•41 views

K21057235: libpng out-of-bounds read vulnerability CVE-2015-7981

Security Advisory Description The pngconverttorfc1123 function in png.c in libpng 1.0.x before 1.0.64, 1.2.x before 1.2.54, and 1.4.x before 1.4.17 allows remote attackers to obtain sensitive process memory information via crafted tIME chunk data in an image file, which triggers an out-of-bounds...

5CVSS7.8AI score0.06359EPSS
Exploits1Affected Software21
F5 Networks
F5 Networks
•added 2023/02/21 6:59 p.m.•68 views

K61267093: Multiple NSS vulnerabilities CVE-2020-6829, CVE-2020-12400, CVE-2020-12401, and CVE-2020-12402

Security Advisory Description CVE-2020-6829 When performing EC scalar point multiplication, the wNAF point multiplication algorithm was used; which leaked partial information about the nonce used during signature generation. Given an electro-magnetic trace of a few signature generations, the...

5.3CVSS6.9AI score0.01449EPSS
Exploits0Affected Software2
F5 Networks
F5 Networks
•added 2023/02/21 6:59 p.m.•25 views

K23985340: Spring Integration Zip vulnerability CVE-2018-1261

Security Advisory Description Spring-integration-zip versions prior to 1.0.1 exposes an arbitrary file write vulnerability, which can be achieved using a specially crafted zip archive affects other archives as well, bzip2, tar, xz, war, cpio, 7z that holds path traversal filenames. So when the...

4.7CVSS5.3AI score0.01288EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:59 p.m.•59 views

K01512680: Linux kernel vulnerability CVE-2019-11811

Security Advisory Description An issue was discovered in the Linux kernel before 5.0.4. There is a use-after-free upon attempted read access to /proc/ioports after the ipmisi module is removed, related to drivers/char/ipmi/ipmisiintf.c, drivers/char/ipmi/ipmisimemio.c, and...

7CVSS6.5AI score0.00451EPSS
Exploits0Affected Software13
F5 Networks
F5 Networks
•added 2023/02/21 6:59 p.m.•40 views

K06015902: Intel AMT vulnerabilities CVE-2020-0531, CVE-2020-0532, and CVE-2020-0535

Security Advisory Description CVE-2020-0531 Improper input validation in IntelR AMT versions before 11.8.77, 11.12.77, 11.22.77 and 12.0.64 may allow an authenticated user to potentially enable information disclosure via network access. CVE-2020-0532 Improper input validation in subsystem for...

7.1CVSS5.9AI score0.01646EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:59 p.m.•41 views

K50112422: Linux kernel vulnerability CVE-2020-11884

Security Advisory Description In the Linux kernel through 5.6.7 on the s390 platform, code execution may occur because of a race condition, as demonstrated by code in enablesacfuaccess in arch/s390/lib/uaccess.c that fails to protect against a concurrent page table upgrade, aka CID-3f777e19d171. ...

7CVSS6.8AI score0.00397EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:59 p.m.•36 views

K10520421: Spring Security OAuth vulnerability CVE-2018-1260

Security Advisory Description Spring Security OAuth, versions 2.3 prior to 2.3.3, 2.2 prior to 2.2.2, 2.1 prior to 2.1.2, 2.0 prior to 2.0.15 and older unsupported versions contains a remote code execution vulnerability. A malicious user or attacker can craft an authorization request to the...

9.8CVSS9.6AI score0.08352EPSS
Exploits2
F5 Networks
F5 Networks
•added 2023/02/21 6:59 p.m.•33 views

K05314769: BIG-IP Advanced WAF and ASM WebSocket vulnerability CVE-2021-23033

Security Advisory Description When a WebSocket profile is configured on a virtual server, undisclosed requests can cause bd to terminate. CVE-2021-23033 Impact Traffic is disrupted while the bd process restarts. This vulnerability allows a remote attacker to cause a denial-of-service DoS on the...

7.5CVSS7.5AI score0.00933EPSS
Exploits0Affected Software2
F5 Networks
F5 Networks
•added 2023/02/21 6:59 p.m.•117 views

K35799130: Multiple PHP vulnerabilities

Security Advisory Description CVE-2016-5399 The bzread function in ext/bz2/bz2.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 allows remote attackers to cause a denial of service out-of-bounds write or execute arbitrary code via a crafted bz2 archive. CVE-2016-6291 The...

9.8CVSS9.6AI score0.09844EPSS
Exploits11
F5 Networks
F5 Networks
•added 2023/02/21 6:59 p.m.•37 views

K03685068: Linux kernel vulnerability CVE-2017-5972

Security Advisory Description The TCP stack in the Linux kernel 3.x does not properly implement a SYN cookie protection mechanism for the case of a fast network connection, which allows remote attackers to cause a denial of service CPU consumption by sending many TCP SYN packets, as demonstrated ...

7.8CVSS7.5AI score0.2389EPSS
Exploits3
F5 Networks
F5 Networks
•added 2023/02/21 6:59 p.m.•33 views

K35750231: TMM vulnerability CVE-2020-5878

Security Advisory Description Traffic Management Microkernel TMM may restart on BIG-IP Virtual Edition VE while processing unusual IP traffic. CVE-2020-5878 Impact The BIG-IP VE system may temporarily fail to process traffic as it recovers from a TMM restart. If the BIG-IP VE system is configured...

7.5CVSS7.4AI score0.01044EPSS
Exploits0Affected Software11
F5 Networks
F5 Networks
•added 2023/02/21 6:59 p.m.•41 views

K34360320: BIG-IP FastL4 vulnerability CVE-2022-23010

Security Advisory Description When a FastL4 profile and an HTTP profile are configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization. CVE-2022-23010 Impact System performance can degrade until the process is either forced to restart or is manually...

7.5CVSS7.5AI score0.00952EPSS
Exploits0Affected Software13
F5 Networks
F5 Networks
•added 2023/02/21 6:59 p.m.•55 views

K44603900: BIG-IP Configuration utility vulnerability CVE-2019-6598

Security Advisory Description Malformed requests to the Traffic Management User Interface TMUI, also referred to as the BIG-IP Configuration utility, may lead to disruption of TMUI services. This attack requires an authenticated user with any role other than the No Access role. The No Access user...

4.3CVSS4.8AI score0.01031EPSS
Exploits0Affected Software14
F5 Networks
F5 Networks
•added 2023/02/21 6:59 p.m.•239 views

K76719230: PHP vulnerability CVE-2015-4116

Security Advisory Description Use-after-free vulnerability in the splptrheapinsert function in ext/spl/splheap.c in PHP before 5.5.27 and 5.6.x before 5.6.11 allows remote attackers to execute arbitrary code by triggering a failed SplMinHeap::compare operation.CVE-2015-4116 Impact There is no...

9.8CVSS9AI score0.05466EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 6:59 p.m.•109 views

K20451100: Apache vulnerability CVE-2022-22721

Security Advisory Description If LimitXMLRequestBody is set to allow request bodies larger than 350MB defaults to 1M on 32 bit systems an integer overflow happens which later causes out of bounds writes. This issue affects Apache HTTP Server 2.4.52 and earlier. CVE-2022-22721 Impact There is no...

9.1CVSS8.7AI score0.41861EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:59 p.m.•29 views

K43267483: PHP vulnerability CVE-2016-5766

Security Advisory Description Integer overflow in the gd2GetHeader function in gdgd2.c in the GD Graphics Library aka libgd before 2.2.3, as used in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8, allows remote attackers to cause a denial of service heap-based buffer overflow and...

8.8CVSS8.7AI score0.07495EPSS
Exploits1Affected Software22
F5 Networks
F5 Networks
•added 2023/02/21 6:59 p.m.•57 views

K92665308: Apache Tomcat vulnerabilities CVE-2017-7674 and CVE-2017-7675

Security Advisory Description CVE-2017-7674 The CORS Filter in Apache Tomcat 9.0.0.M1 to 9.0.0.M21, 8.5.0 to 8.5.15, 8.0.0.RC1 to 8.0.44 and 7.0.41 to 7.0.78 did not add an HTTP Vary header indicating that the response varies depending on Origin. This permitted client and server side cache...

7.5CVSS6.4AI score0.1014EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:59 p.m.•34 views

K41020865: MySQL vulnerability CVE-2016-8286

Security Advisory Description Unspecified vulnerability in Oracle MySQL 5.7.14 and earlier allows remote authenticated users to affect confidentiality via vectors related to Server: Security: Privileges. CVE-2016-8286 Impact There is no impact; F5 products are not affected by this vulnerability...

3.5CVSS5.3AI score0.01879EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:59 p.m.•112 views

K19473898: Expat vulnerabilities CVE-2022-23852, CVE-2022-25235, CVE-2022-25236, and CVE-2022-25315

Security Advisory Description CVE-2022-23852 Expat aka libexpat before 2.4.4 has a signed integer overflow in XMLGetBuffer, for configurations with a nonzero XMLCONTEXTBYTES. CVE-2022-25235 xmltokimpl.c in Expat aka libexpat before 2.4.5 lacks certain validation of encoding, such as checks for...

9.8CVSS8.3AI score0.34174EPSS
Exploits1Affected Software14
F5 Networks
F5 Networks
•added 2023/02/21 6:59 p.m.•84 views

K69124112: PostgreSQL JDBC vulnerability CVE-2022-21724

Security Advisory Description pgjdbc is the offical PostgreSQL JDBC Driver. A security hole was found in the jdbc driver for postgresql database while doing security research. The system using the postgresql library will be attacked when attacker control the jdbc url or properties. pgjdbc...

9.8CVSS8.3AI score0.0301EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 6:59 p.m.•40 views

K19356280: Cognito Software Moneyworks vulnerability CVE-2017-9615

Security Advisory Description Password exposure in Cognito Software Moneyworks 8.0.3 and earlier allows attackers to gain administrator access to all data, because verbose logging writes the administrator password to a world-readable file. CVE-2017-9615 Impact There is no impact; F5 products are...

9.8CVSS9.6AI score0.01401EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:59 p.m.•40 views

K81556107: Intel processors vulnerabilities CVE-2019-0123 and CVE-2019-0124

Security Advisory Description CVE-2019-0123 Insufficient memory protection in IntelR 6th Generation Core Processors and greater, supporting SGX, may allow a privileged user to potentially enable escalation of privilege via local access. CVE-2019-0124 Insufficient memory protection in IntelR 6th...

7.8CVSS7.8AI score0.00375EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:59 p.m.•29 views

K89105210: Multiple Intel Linux Wi-Fi Drivers vulnerabilities

Security Advisory Description CVE-2019-11151 Memory corruption issues in IntelR WIFI Drivers before version 21.40 may allow a privileged user to potentially enable escalation of privilege, denial of service, and information disclosure via local access. CVE-2019-11152 Memory corruption issues in...

8.8CVSS7.1AI score0.0062EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:59 p.m.•35 views

K17959662: ImageMagick vulnerabilities CVE-2015-8897 and CVE-2016-5239

Security Advisory Description CVE-2015-8897 The SpliceImage function in MagickCore/transform.c in ImageMagick before 6.9.2-4 allows remote attackers to cause a denial of service application crash via a crafted png file. CVE-2016-5239 The gnuplot delegate functionality in ImageMagick before 6.9.4-...

9.8CVSS7.7AI score0.03162EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:59 p.m.•47 views

K90011301: libssh2 vulnerabilities CVE-2019-3856, CVE-2019-3857, and CVE-2019-3863

Security Advisory Description CVE-2019-3856 An integer overflow flaw, which could lead to an out of bounds write, was discovered in libssh2 before 1.8.1 in the way keyboard prompt requests are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system...

8.8CVSS7.7AI score0.06131EPSS
Exploits0Affected Software16
F5 Networks
F5 Networks
•added 2023/02/21 6:59 p.m.•83 views

K91117041: Oracle Java SE vulnerability CVE-2019-2745, CVE-2019-2762

Security Advisory Description CVE-2019-2745 Vulnerability in the Java SE component of Oracle Java SE subcomponent: Security. Supported versions that are affected are Java SE: 7u221, 8u212 and 11.0.3. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructu...

5.3CVSS5.8AI score0.04351EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:59 p.m.•40 views

K42102650: MySQL vulnerability CVE-2017-10203

Security Advisory Description Vulnerability in the MySQL Connectors component of Oracle MySQL subcomponent: Connector/Net. Supported versions that are affected are 6.9.9 and earlier. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to...

5.3CVSS4.8AI score0.02618EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:59 p.m.•34 views

K51433470: MySQL vulnerability CVE-2017-10424

Security Advisory Description Vulnerability in the MySQL Enterprise Monitor component of Oracle MySQL subcomponent: Monitoring: Web. Supported versions that are affected are 3.2.8.2223 and earlier, 3.3.4.3247 and earlier and 3.4.2.4181 and earlier. Easily exploitable vulnerability allows...

8.8CVSS8.6AI score0.01802EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:59 p.m.•37 views

K61112120: BIG-IP ASM and Advanced WAF TMUI vulnerability CVE-2022-23031

Security Advisory Description An XML External Entity XXE vulnerability exists in an undisclosed page of the F5 Advanced Web Application Firewall Advanced WAF and BIG-IP ASM Traffic Management User Interface TMUI, also referred to as the Configuration utility, that allows an authenticated...

4.9CVSS4.8AI score0.00834EPSS
Exploits0Affected Software3
F5 Networks
F5 Networks
•added 2023/02/21 6:59 p.m.•37 views

K90412202: libarchive vulnerability CVE-2015-8932

Security Advisory Description The compressbidderinit function in archivereadsupportfiltercompress.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service crash via a crafted tar file, which triggers an invalid left shift. CVE-2015-8932 Impact This functionality is expose...

5.5CVSS6.5AI score0.02214EPSS
Exploits1Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 6:59 p.m.•175 views

K89621551: OpenSSH vulnerability CVE-2017-15906

Security Advisory Description The processopen function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files. CVE-2017-15906 Impact BIG-IP, BIG-IQ, F5 iWorkflow, Enterprise Manager, LineRate, and ARX...

5.3CVSS7.2AI score0.03359EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:59 p.m.•56 views

K42910051: OpenSSL vulnerability CVE-2020-1971

Security Advisory Description The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provides a function GENERALNAMEcmp which compares different instances of a GENERALNAME to see if they are equal or not...

5.9CVSS7AI score0.06968EPSS
Exploits3Affected Software18
F5 Networks
F5 Networks
•added 2023/02/21 6:59 p.m.•84 views

K05295469: Expat vulnerability CVE-2019-15903

Security Advisory Description In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XMLGetCurrentLineNumber or XMLGetCurrentColumnNumber then resulted in a heap-based buffer over-read. CVE-2019-15903...

7.5CVSS8.2AI score0.06707EPSS
Exploits1Affected Software16
F5 Networks
F5 Networks
•added 2023/02/21 6:59 p.m.•39 views

K51197241: ICU vulnerability CVE-2020-10531

Security Advisory Description An issue was discovered in International Components for Unicode ICU for C/C++ through 66.1. An integer overflow, leading to a heap-based buffer overflow, exists in the UnicodeString::doAppend function in common/unistr.cpp. CVE-2020-10531 Impact There is no impact; F5...

8.8CVSS8AI score0.02669EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:59 p.m.•32 views

K11464209: IP Intelligence Feed List vulnerability CVE-2017-6143

Security Advisory Description X509 certificate verification was not correctly implemented in the IP Intelligence Subscription and IP Intelligence feed-list features, and thus the remote server’s identity is not properly validated in certain versions of BIG-IP. CVE-2017-6143 Impact Affected BIG-IP...

5.8CVSS5.6AI score0.00427EPSS
Exploits0Affected Software2
F5 Networks
F5 Networks
•added 2023/02/21 6:59 p.m.•30 views

K09585151: BIND vulnerability CVE-2018-5734

Security Advisory Description While handling a particular type of malformed packet BIND erroneously selects a SERVFAIL rcode instead of a FORMERR rcode. If the receiving view has the SERVFAIL cache feature enabled, this can trigger an assertion failure in badcache.c when the request doesn't conta...

7.5CVSS7.4AI score0.06236EPSS
Exploits0
Total number of security vulnerabilities6413