Lucene search
K

6401 matches found

F5 Networks
F5 Networks
•added 2023/02/21 6:53 p.m.•36 views

K92616530: Samba vulnerability CVE-2015-5296

Security Advisory Description Samba 3.x and 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3 supports connections that are encrypted but unsigned, which allows man-in-the-middle attackers to conduct encrypted-to-unencrypted downgrade attacks by modifying the client-server data stream...

5.4CVSS6.5AI score0.07263EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 6:53 p.m.•136 views

K93278412: Python and Jython vulnerabilities CVE-2014-1912 and CVE-2014-4650

Security Advisory Description CVE-2014-1912 Buffer overflow in the socket.recvfrominto function in Modules/socketmodule.c in Python 2.5 before 2.7.7, 3.x before 3.3.4, and 3.4.x before 3.4rc1 allows remote attackers to execute arbitrary code via a crafted string. CVE-2014-4650 It was discovered...

9.8CVSS8.6AI score0.28319EPSS
Exploits12
F5 Networks
F5 Networks
•added 2023/02/21 6:53 p.m.•36 views

K51428664: QEMU vulnerability CVE-2018-11806

Security Advisory Description mcat in slirp/mbuf.c in Qemu has a heap-based buffer overflow via incoming fragmented datagrams. CVE-2018-11806 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Product Development has evaluated the currently...

8.2CVSS7.7AI score0.00823EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:53 p.m.•152 views

K88251614: GNU Finger vulnerability CVE-1999-0612

Security Advisory Description A version of finger is running that exposes valid user information to any entity on the network. CVE-1999-0612 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Product Development has evaluated the currently...

6.5AI score0.6744EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:53 p.m.•29 views

K30215839: F5 iRules vulnerability CVE-2019-6685

Security Advisory Description Users with access to edit iRules are able to create iRules which can lead to an elevation of privilege, configuration modification, and arbitrary system command execution. CVE-2019-6685 Impact BIG-IP iRules manager roles are able to access data stored on other...

7.8CVSS7.8AI score0.00364EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:53 p.m.•33 views

K26244025: BIG-IP HTTP compression profile vulnerability CVE-2020-5933

Security Advisory Description When a BIG-IP system that has a virtual server configured with an HTTP compression profile processes compressed HTTP message payloads that require deflation, a Slowloris-style attack can trigger an out-of-memory condition on the BIG-IP system. CVE-2020-5933 Impact Th...

7.8CVSS7.4AI score0.0105EPSS
Exploits0Affected Software11
F5 Networks
F5 Networks
•added 2023/02/21 6:53 p.m.•34 views

K81192137: sosreport vulnerability CVE-2015-7529

Security Advisory Description sosreport in SoS 3.x allows local users to obtain sensitive information from sosreport files or gain privileges via a symlink attack on an archive file in a temporary directory, as demonstrated by sosreport-$hostname-$date.tar in /tmp/sosreport-$hostname-$date...

7.8CVSS7.4AI score0.00438EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:53 p.m.•51 views

K77384526: tcpdump vulnerabilities CVE-2016-7922, CVE-2016-7923, CVE-2016-7924, CVE-2016-7925, and CVE-2016-7927

Security Advisory Description CVE-2016-7922 The AH parser in tcpdump before 4.9.0 has a buffer overflow in print-ah.c:ahprint. CVE-2016-7923 The ARP parser in tcpdump before 4.9.0 has a buffer overflow in print-arp.c:arpprint. CVE-2016-7924 The ATM parser in tcpdump before 4.9.0 has a buffer...

9.8CVSS8.7AI score0.03464EPSS
Exploits0Affected Software22
F5 Networks
F5 Networks
•added 2023/02/21 6:53 p.m.•20 views

K25691186: BIG-IP Configuration utility vulnerability CVE-2020-27715

Security Advisory Description Crafted TLS request to the BIG-IP management interface via port 443 can cause high 100% CPU utilization by the httpd daemon. CVE-2020-27715 Impact Unable to access the affected BIG-IP system's Configuration utility. Security Advisory Status F5 Product Development has...

7.8CVSS7.4AI score0.0105EPSS
Exploits0Affected Software11
F5 Networks
F5 Networks
•added 2023/02/21 6:53 p.m.•32 views

K04572666: systemd vulnerability CVE-2020-13776

Security Advisory Description systemd through v245 mishandles numerical usernames such as ones composed of decimal digits or 0x followed by hex digits, as demonstrated by use of root privileges when privileges of the 0x0 user account were intended. NOTE: this issue exists because of an incomplete...

6.7CVSS6.2AI score0.00464EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:53 p.m.•69 views

K41385746: Apache Tomcat vulnerability CVE-2017-5648

Security Advisory Description While investigating bug 60718, it was noticed that some calls to application listeners in Apache Tomcat 9.0.0.M1 to 9.0.0.M17, 8.5.0 to 8.5.11, 8.0.0.RC1 to 8.0.41, and 7.0.0 to 7.0.75 did not use the appropriate facade object. When running an untrusted application...

9.1CVSS8.4AI score0.13225EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 6:53 p.m.•26 views

K41346123: MySQL vulnerability CVE-2016-8287

Security Advisory Description Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Replication. CVE-2016-8287 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory...

4.5CVSS5.5AI score0.01561EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:53 p.m.•41 views

K47429080: Ghostscript vulnerability CVE-2016-7976

Security Advisory Description The PS Interpreter in Ghostscript 9.18 and 9.20 allows remote attackers to execute arbitrary code via crafted userparams. CVE-2016-7976 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Product Development has...

8.8CVSS9.4AI score0.23453EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:53 p.m.•126 views

K44309215: Linux kernel vulnerability CVE-2017-1000111

Security Advisory Description Linux kernel: heap out-of-bounds in AFPACKET sockets. This new issue is analogous to previously disclosed CVE-2016-8655. In both cases, a socket option that changes socket state may race with safety checks in packetsetring. Previously with PACKETVERSION. This time wi...

7.8CVSS7.3AI score0.00374EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:53 p.m.•172 views

K03544225: PHP vulnerabilities CVE-2018-19518 and CVE-2018-19935

Security Advisory Description CVE-2018-19518 University of Washington IMAP Toolkit 2007f on UNIX, as used in imapopen in PHP and other products, launches an rsh command by means of the imaprimap function in c-client/imap4r1.c and the tcpaopen function in osdep/unix/tcpunix.c without preventing...

8.5CVSS7.8AI score0.9523EPSS
Exploits6
F5 Networks
F5 Networks
•added 2023/02/21 6:53 p.m.•71 views

K04454621: Linux kernel vulnerability CVE-2020-25671

Security Advisory Description A vulnerability was found in Linux Kernel, where a refcount leak in llcpsockconnect causing use-after-free which might lead to privilege escalations. CVE-2020-25671 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Statu...

7.8CVSS6.3AI score0.00511EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 6:53 p.m.•63 views

K23125024: MySQL vulnerabilities CVE-2019-2791, CVE-2019-2795, CVE-2019-2796, CVE-2019-2797, and CVE-2019-2798

Security Advisory Description CVE-2019-2791 Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Audit Plug-in. Supported versions that are affected are 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with networ...

6.5CVSS5AI score0.02729EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:53 p.m.•37 views

K42944216: Erlang vulnerability CVE-2017-1000385

Security Advisory Description The Erlang otp TLS server answers with different TLS alerts to different error types in the RSA PKCS 1 1.5 padding. This allows an attacker to decrypt content or sign messages with the server's private key this is a variation of the Bleichenbacher attack...

5.9CVSS6AI score0.22098EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:53 p.m.•30 views

K31025212: BIG-IP MPTCP vulnerability CVE-2021-23004

Security Advisory Description Multipath TCP MPTCP forwarding flows may be created on standard virtual servers without MPTCP enabled in the applied TCP profile. CVE-2021-23004 Impact A remote attacker may be able to cause a BIG-IP system to consume excessive system resources and produce a core fil...

7.5CVSS6.4AI score0.00961EPSS
Exploits0Affected Software14
F5 Networks
F5 Networks
•added 2023/02/21 6:53 p.m.•29 views

K39751401: BIND vulnerability CVE-2019-6469

Security Advisory Description An error in the EDNS Client Subnet ECS feature for recursive resolvers can cause BIND to exit with an assertion failure when processing a response that has malformed RRSIGs. Versions affected: BIND 9.10.5-S1 - 9.11.6-S1 of BIND 9 Supported Preview Edition...

7.5CVSS5.9AI score0.01946EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:53 p.m.•33 views

K32157421: MySQL vulnerability CVE-2016-3495

Security Advisory Description Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB. CVE-2016-3495 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Stat...

6.8CVSS4.5AI score0.02703EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:53 p.m.•36 views

K19194273: MySQL vulnerabilities CVE-2019-2778, CVE-2019-2780, CVE-2019-2784, CVE-2019-2785, and CVE-2019-2789

Security Advisory Description CVE-2019-2778 Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Security: Privileges. Supported versions that are affected are 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows low privileged attacker with...

5.5CVSS4.9AI score0.02532EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:53 p.m.•58 views

K15650046: Tcl code injection security exposure

Security Advisory Description Certain coding practices may allow an attacker to inject arbitrary Tool Command Language Tcl commands, which can be executed in the security context of the target Tcl script by the running Tcl interpreter. Note: This issue affects any user-supplied Tcl code executed ...

8.1AI score
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:53 p.m.•35 views

K32460441: OpenSSL vulnerabilities CVE-2016-7053 and CVE-2016-7054

Security Advisory Description CVE-2016-7053 In OpenSSL 1.1.0 before 1.1.0c, applications parsing invalid CMS structures can crash with a NULL pointer dereference. This is caused by a bug in the handling of the ASN.1 CHOICE type in OpenSSL 1.1.0 which can result in a NULL value being passed to the...

7.5CVSS7.7AI score0.32389EPSS
Exploits3
F5 Networks
F5 Networks
•added 2023/02/21 6:53 p.m.•72 views

K65460334: Expat XML parser vulnerability CVE-2012-6702

Security Advisory Description Expat, when used in a parser that has not called XMLSetHashSalt or passed it a seed of 0, makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms via vectors involving use of the srand function. CVE-2012-6702 Impact An attacker m...

5.9CVSS6.8AI score0.02371EPSS
Exploits0Affected Software20
F5 Networks
F5 Networks
•added 2023/02/21 6:53 p.m.•481 views

K42531048: OpenSSH vulnerability CVE-2019-6110

Security Advisory Description In OpenSSH 7.9, due to accepting and displaying arbitrary stderr output from the server, a malicious server or Man-in-The-Middle attacker can manipulate the client output, for example to use ANSI control codes to hide additional files being transferred. CVE-2019-6110...

6.8CVSS7.2AI score0.20906EPSS
Exploits8Affected Software17
F5 Networks
F5 Networks
•added 2023/02/21 6:53 p.m.•33 views

K63558580: BIG-IP crypto driver vulnerability CVE-2020-5872

Security Advisory Description When processing TLS traffic with hardware cryptographic acceleration enabled on platforms with Intel QAT hardware, the Traffic Management Microkernel TMM may stop responding and cause a failover event. CVE-2020-5872 Impact Hardware cryptographic acceleration fails an...

7.5CVSS7.4AI score0.01276EPSS
Exploits0Affected Software11
F5 Networks
F5 Networks
•added 2023/02/21 6:53 p.m.•46 views

K21856463: MySQL vulnerability CVE-2016-8289

Security Advisory Description Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows local users to affect integrity and availability via vectors related to Server: InnoDB. CVE-2016-8289 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory...

4.7CVSS5.2AI score0.00336EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:53 p.m.•26 views

K21971977: TMM vulnerability CVE-2021-22975

Security Advisory Description Under some circumstances, Traffic Management Microkernel TMM may restart on the BIG-IP system while passing large bursts of traffic. CVE-2021-22975 Impact This vulnerability may allow an attacker to cause a denial-of-service DoS to the BIG-IP system. The BIG-IP syste...

7.5CVSS6.3AI score0.00933EPSS
Exploits0Affected Software14
F5 Networks
F5 Networks
•added 2023/02/21 6:53 p.m.•58 views

K55672042: Linux kernel vulnerability CVE-2016-4470

Security Advisory Description The keyrejectandlink function in security/keys/key.c in the Linux kernel through 4.6.3 does not ensure that a certain data structure is initialized, which allows local users to cause a denial of service system crash via vectors involving a crafted keyctl request2...

5.5CVSS6AI score0.00582EPSS
Exploits0Affected Software24
F5 Networks
F5 Networks
•added 2023/02/21 6:53 p.m.•33 views

K23001529: SSL Intercept iApp and SSL Orchestrator Server-Side Request Forgery vulnerability CVE-2017-6130

Security Advisory Description F5 SSL Intercept iApp 1.5.0 - 1.5.7 and SSL Orchestrator 2.0 is vulnerable to a Server-Side Request Forgery SSRF attack when deployed using the Dynamic Domain Bypass DDB feature feature plus SNAT Auto Map option for egress traffic. CVE-2017-6130 Impact A remote...

7.4CVSS7.6AI score0.01147EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 6:53 p.m.•75 views

K31085564: Spectre SWAPGS gadget vulnerability CVE-2019-1125

Security Advisory Description An information disclosure vulnerability exists when certain central processing units CPU speculatively access memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1071, CVE-2019-1073. CVE-2019-1125 also known as Spect...

5.6CVSS7.1AI score0.04521EPSS
Exploits4Affected Software17
F5 Networks
F5 Networks
•added 2023/02/21 6:53 p.m.•75 views

K32804955: Linux kernel vulnerability CVE-2019-10639

Security Advisory Description The Linux kernel 4.x starting from 4.1 and 5.x before 5.0.8 allows Information Exposure partial kernel address disclosure, leading to a KASLR bypass. Specifically, it is possible to extract the KASLR kernel image offset using the IP ID values the kernel produces for...

7.5CVSS7.1AI score0.03252EPSS
Exploits0Affected Software13
F5 Networks
F5 Networks
•added 2023/02/21 6:53 p.m.•78 views

K53411527: SELinux policycoreutils vulnerability CVE-2016-7545

Security Advisory Description SELinux policycoreutils allows local users to execute arbitrary commands outside of the sandbox via a crafted TIOCSTI ioctl call. CVE-2016-7545 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Product...

8.8CVSS8.6AI score0.00382EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:53 p.m.•79 views

K55423848: CGI.pm and CGI::Simple vulnerabilities CVE-2010-2761 and CVE-2010-4410

Security Advisory Description CVE-2010-2761 The multipartinit function in 1 CGI.pm before 3.50 and 2 Simple.pm in CGI::Simple 1.112 and earlier uses a hardcoded value of the MIME boundary string in multipart/x-mixed-replace content, which allows remote attackers to inject arbitrary HTTP headers a...

4.3CVSS9.1AI score0.02713EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:53 p.m.•23 views

K53821711: TMM vulnerability CVE-2020-5946

Security Advisory Description Under some circumstances, certain format client-side alerts sent to the BIG-IP virtual server configured with DataSafe may cause the Traffic Management Microkernel TMM to restart, resulting in a Denial-of-Service DoS. CVE-2020-5946 Impact A remote attacker may be abl...

7.5CVSS7.5AI score0.01031EPSS
Exploits0Affected Software2
F5 Networks
F5 Networks
•added 2023/02/21 6:53 p.m.•29 views

K16248201: TMM vulnerability CVE-2018-15318

Security Advisory Description If an MPTCP connection receives an abort signal while the initial flow is not the primary flow, the initial flow will remain after the closing procedure is complete. TMM may restart and produce a core file as a result of this condition. CVE-2018-15318 Impact The BIG-...

7.8CVSS7.6AI score0.01344EPSS
Exploits0Affected Software13
F5 Networks
F5 Networks
•added 2023/02/21 6:53 p.m.•67 views

K17011311: NodeJS vulnerability CVE-2022-35256

Security Advisory Description The llhttp parser in the http module in Node v18.7.0 does not correctly handle header fields that are not terminated with CLRF. This may result in HTTP Request Smuggling. CVE-2022-35256 Impact There is no impact; F5 products are not affected by this vulnerability...

6.5CVSS7.5AI score0.02587EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 6:53 p.m.•83 views

K51272092: MySQL vulnerabilities CVE-2019-2730, CVE-2019-2731, CVE-2019-2737, CVE-2019-2738, and CVE-2019-2739

Security Advisory Description CVE-2019-2730 Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Security: Privileges. Supported versions that are affected are 5.6.44 and prior and 5.7.18 and prior. Easily exploitable vulnerability allows high privileged attacker with...

5.5CVSS5AI score0.03919EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:53 p.m.•80 views

K10515241: Linux kernel vulnerabilities CVE-2016-1583 and CVE-2016-2143

Security Advisory Description CVE-2016-1583 The ecryptfsprivilegedopen function in fs/ecryptfs/kthread.c in the Linux kernel before 4.6.3 allows local users to gain privileges or cause a denial of service stack memory consumption via vectors involving crafted mmap calls for /proc pathnames, leadi...

7.8CVSS7AI score0.01393EPSS
Exploits2
F5 Networks
F5 Networks
•added 2023/02/21 6:53 p.m.•30 views

K25359902: BIG-IP AAM security vulnerability CVE-2019-6601

Security Advisory Description The BIG-IP AAM wamd process used in the processing of images and PDFs fails to drop group permissions when executing helper scripts. CVE-2019-6601 Impact This issue does not have a direct exploit, but may be used in unknown ways when targeting the BIG-IP AAM module...

5.5CVSS5.6AI score0.00322EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 6:53 p.m.•42 views

K48866433: PHP vulnerability CVE-2019-11046

Security Advisory Description In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0, PHP bcmath extension functions on some systems, including Windows, can be tricked into reading beyond the allocated space by supplying it with string containing characters that are identified as numeri...

5.3CVSS7AI score0.04082EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:53 p.m.•37 views

K10133477: BIG-IP IPsec IKE peer listener vulnerability CVE-2016-5736

Security Advisory Description The anonymous IPsec IKE peer configuration object is present and enabled in the default configuration. The settings of the anonymous IPsec IKE peer object allow an arbitrary peer to establish IKE phase 1 without certificate validation or a pre-shared key which may...

7.5CVSS7.3AI score0.02267EPSS
Exploits0Affected Software15
F5 Networks
F5 Networks
•added 2023/02/21 6:53 p.m.•40 views

K49144112: tcpdump vulnerabilities CVE-2016-7934, CVE-2016-7935, CVE-2016-7936, CVE-2016-7937, and CVE-2016-7939

Security Advisory Description CVE-2016-7934 The RTCP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:rtcpprint. CVE-2016-7935 The RTP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:rtpprint. CVE-2016-7936 The UDP parser in tcpdump before 4.9.0 has a buffer...

9.8CVSS8.6AI score0.03493EPSS
Exploits0Affected Software22
F5 Networks
F5 Networks
•added 2023/02/21 6:53 p.m.•31 views

K45143221: BIG-IP AVRD vulnerability CVE-2020-27728

Security Advisory Description Under certain conditions, Analytics, Visibility, and Reporting daemon AVRD may generate a core file and restart on the BIG-IP system when processing requests sent from mobile devices. CVE-2020-27728 Impact This may allow an attacker to initiate a denial-of-service Do...

7.5CVSS7.3AI score0.01002EPSS
Exploits0Affected Software2
F5 Networks
F5 Networks
•added 2023/02/21 6:53 p.m.•24 views

K15417213: Samba vulnerability CVE-2015-7540

Security Advisory Description The LDAP server in the AD domain controller in Samba 4.x before 4.1.22 does not check return values to ensure successful ASN.1 memory allocation, which allows remote attackers to cause a denial of service memory consumption and daemon crash via crafted packets...

7.5CVSS6.4AI score0.07116EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:53 p.m.•157 views

K00503780: Apache Struts 2 vulnerability CVE-2017-7672

Security Advisory Description If an application allows enter an URL in a form field and built-in URLValidator is used, it is possible to prepare a special URL which will be used to overload server process when performing validation of the URL. Solution is to upgrade to Apache Struts version...

5.9CVSS6.7AI score0.09362EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:53 p.m.•59 views

K45213552: cups-filters vulnerabilities CVE-2015-8327 and CVE-2015-8560

Security Advisory Description CVE-2015-8327 Incomplete blacklist vulnerability in util.c in foomatic-rip in cups-filters 1.0.42 before 1.2.0 and in foomatic-filters in Foomatic 4.0.x allows remote attackers to execute arbitrary commands via backtick characters in a print job. CVE-2015-8560...

7.5CVSS8AI score0.10171EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:53 p.m.•53 views

K95375529: PHP vulnerabilities CVE-2013-7456, CVE-2016-4343, and CVE-2016-5093

Security Advisory Description CVE-2013-7456 gdinterpolation.c in the GD Graphics Library aka libgd before 2.1.1, as used in PHP before 5.5.36, 5.6.x before 5.6.22, and 7.x before 7.0.7, allows remote attackers to cause a denial of service out-of-bounds read or possibly have unspecified other impa...

8.8CVSS9.1AI score0.05487EPSS
Exploits3
F5 Networks
F5 Networks
•added 2023/02/21 6:53 p.m.•29 views

K91026261: BIG-IP TMM vulnerability CVE-2019-6594

Security Advisory Description Multipath TCP MPTCP does not protect against multiple zero length DATAFINs in the reassembly queue, which can lead to an infinite loop in some circumstances. CVE-2019-6594 Impact The BIG-IP system temporarily fails to process traffic as it recovers from a Traffic...

5.9CVSS5.9AI score0.01017EPSS
Exploits0Affected Software13
Total number of security vulnerabilities6401