17 matches found
CVE-2019-10744
CVE-2019-10744 affects lodash versions lower than 4.17.12 and enables Prototype Pollution via defaultsDeep, by injecting a constructor payload to modify Object.prototype. IBM X-Force lists a CVSS 3.1 base score of 9.1 (CRITICAL) and confirms the prototype pollution impact. Remediation: upgrade lodash t...
CVE-2019-11479
The CVE-2019-11479 family (SACK/MSS issues in the Linux kernel) stems from a hard-coded MSS of 48 bytes, enabling remote DoS via fragmented TCP handling. Public docs list CVE-2019-11477 (SACK Panic), CVE-2019-11478 (SACK Slowness/Excess Resource Usage), and CVE-2019-11479 (Low MSS) with kernel-wi...
CVE-2018-5743
CVE-2018-5743 affects BIND in multiple releases (notably 9.9.0–9.14.0, including some 9.11/9.13 branches). The flaw allows the named process to exceed its configured limit on simultaneous TCP connections, risking exhaustion of file descriptors and potentially affecting associated log/zone file ma...
CVE-2018-14634
CVE-2018-14634 is a Linux kernel integer overflow vulnerability in create_elf_tables(). An unprivileged local user with access to a SUID (or otherwise privileged) binary could escalate privileges. Documented vulnerable kernel families include 2.6.x, 3.10.x, and 4.14.x. Mitigations/recognitions ex...
CVE-2019-6471
CVE-2019-6471 is a race-condition vulnerability in ISC BIND where discarding malformed packets can trigger a REQUIRE assertion failure in dispatch.c, causing named to exit and produce a DoS. Affected versions include BIND 9.11.0–9.11.7, 9.12.0–9.12.4-P1, 9.14.0–9.14.2, all 9.13 development releas...
CVE-2018-14468
tcpdump before 4.9.3 contains a buffer over-read in the FRF.16 parser (print-fr.c:mfr_print()). Upgrading to tcpdump 4.9.3 (or later) is the remediation mentioned in the accompanying advisories for affected platforms.
CVE-2018-14880
tcpdump has a confirmed vulnerability, CVE-2018-14880, in the OSPFv3 parser: a buffer over-read in ospf6_print_lshdr() inside print-ospf6.c, affecting tcpdump before version 4.9.3. Connected advisories (e.g., AlmaLinux ALSA-2020:4760, Debian DSA-4547-1, DLA-1955-1) reference this CVE and span multi...
CVE-2019-6642
CVE-2019-6642 affects the F5 BIG-IP family (and related products: BIG-IQ, iWorkflow, Enterprise Manager): authenticated users can upload files (e.g., via scp) and abuse the TMOS Shell (tmsh) to escalate to a root shell. The flaw arises from tmsh allowing execution of a secondary program via tools like...
CVE-2014-5209
The CVE-2014-5209 issue affects NTP 4.2.7p25 private (mode 6/7) messages via GET_RESTRICT, enabling information disclosure of sensitive data. Impact is limited to partial confidentiality; no exploit details are provided in the sources. No patched version is listed in the initial docs; a practical...
CVE-2019-6663
The CVE-2019-6663 entry covers BIG-IP, BIG-IQ, Enterprise Manager, and F5 iWorkflow configuration utility exposure to an Anti DNS Pinning (DNS Rebinding) attack. The root cause is insufficient verification of the Host field in HTTP requests, allowing an attacker controlling DNS to bind a maliciou...
CVE-2019-6665
CVE-2019-6665 affects BIG-IP ASM (15.0.0–15.0.1, 14.1.0–14.1.2, 14.0.0–14.0.1, 13.1.0–13.1.3.1), BIG-IQ 5.2.0–5.4.0 and 6.x, Enterprise Manager 3.1.1, and F5 iWorkflow 2.3.0. An attacker able to access the device communications between the BIG-IP ASM Central Policy Builder and BIG-IQ/Enterprise M...
CVE-2018-15322
CVE-2018-15322 affects the BIG-IP family with tmsh access, where repeatedly saving edits via the tmsh edit cli preference command can exhaust /var partition storage, causing DoS. Affected: BIG-IP (versions 14.0.0–14.0.0.2, 13.0.0–13.1.0.7, 12.1.0–12.1.3.5, 11.6.0–11.6.3.2, 11.2.1–11.5.6); BIG-IQ C...
CVE-2020-5854
The CVE-2020-5854 issue affects BIG-IP TMM when using the connector profile, causing a core on specific connection sequences and temporary traffic processing failure post-restart, with device group failover risk. According to the F5 K50046200 advisory, vulnerable versions are BIG-IP TMM 11.6.0–11...
CVE-2019-6651
CVE-2019-6651 affects the F5 BIG-IP family and related products (BIG-IQ, iWorkflow, Enterprise Manager) via the REST framework in the Configuration utility login page. The vulnerability arises from processing a modified request, leading to inconsistent HTTP responses that could aid an attacker. Affec...
CVE-2018-15321
CVE-2018-15321 affects BIG-IP products when Appliance mode is licensed and Admin/Resource Administrator roles have or are granted TMSH access. The issue allows high-privilege attackers to bypass Appliance mode restrictions and overwrite critical system files via TMSH, bypassing security controls....
CVE-2019-19151
CVE-2019-19151 affects the F5 BIG-IP family (TMOS) and related tools: authenticated TMOS Shell users can access file-system objects disallowed by tmsh. Affected: BIG-IP releases 11.5.2–11.6.5.1, 12.1.0–12.1.5, 13.1.0–13.1.3.2, 14.0.0–14.1.2.3, 15.0.0–15.1.0; BIG-IQ 5.x–7.x; iWorkflow 2.3.0; Enterpris...
CVE-2018-15328
CVE-2018-15328 affects the BIG-IP family, BIG-IQ, iWorkflow, and Enterprise Manager, where SNMPv3 passphrases and trap destinations are not encrypted by the Secure Vault and are written in clear text to configuration files. Affected: BIG-IP components across 14.x (fix: 14.1.0), 13.x (13.0.0–13.1.1; “w...