CVE-2019-6594
- EPSS 1.02%
- Veröffentlicht 26.02.2019 15:29:00
- Zuletzt bearbeitet 21.11.2024 04:46:46
On BIG-IP 11.5.1-11.6.3.2, 12.1.3.4-12.1.3.7, 13.0.0 HF1-13.1.1.1, and 14.0.0-14.0.0.2, Multi-Path TCP (MPTCP) does not protect against multiple zero length DATA_FINs in the reassembly queue, which can lead to an infinite loop in some circumstances.
CVE-2019-6595
- EPSS 0.92%
- Veröffentlicht 26.02.2019 15:29:00
- Zuletzt bearbeitet 21.11.2024 04:46:46
Cross-site scripting (XSS) vulnerability in F5 BIG-IP Access Policy Manager (APM) 11.5.x and 11.6.x Admin Web UI.
CVE-2019-9075
- EPSS 1.7%
- Veröffentlicht 24.02.2019 00:29:00
- Zuletzt bearbeitet 21.11.2024 04:50:56
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is a heap-based buffer overflow in _bfd_archive_64_bit_slurp_armap in archive64.c.
CVE-2019-8331
- EPSS 16.86%
- Veröffentlicht 20.02.2019 16:29:00
- Zuletzt bearbeitet 21.11.2024 04:49:42
In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute.
CVE-2019-6974
- EPSS 16.52%
- Veröffentlicht 15.02.2019 15:29:00
- Zuletzt bearbeitet 21.11.2024 04:47:20
In the Linux kernel before 4.20.8, kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandles reference counting because of a race condition, leading to a use-after-free.
CVE-2019-6589
- EPSS 0.79%
- Veröffentlicht 14.02.2019 00:29:00
- Zuletzt bearbeitet 21.11.2024 04:46:45
On BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.3, 12.1.0-12.1.3.7, and 11.6.0-11.6.3.2, a reflected Cross Site Scripting (XSS) vulnerability is present in an undisclosed page of the BIG-IP TMUI (Traffic Management User Interface) also known as the BIG-IP c...
CVE-2018-16890
- EPSS 5.35%
- Veröffentlicht 06.02.2019 20:29:00
- Zuletzt bearbeitet 21.11.2024 03:53:32
libcurl versions from 7.36.0 to before 7.64.0 is vulnerable to a heap buffer out-of-bounds read. The function handling incoming NTLM type-2 messages (`lib/vauth/ntlm.c:ntlm_decode_type2_target`) does not validate incoming data correctly and is subjec...
CVE-2019-6591
- EPSS 0.62%
- Veröffentlicht 05.02.2019 18:29:00
- Zuletzt bearbeitet 21.11.2024 04:46:45
On BIG-IP APM 14.0.0 to 14.0.0.4, 13.0.0 to 13.1.1.3 and 12.1.0 to 12.1.3.7, a reflected cross-site scripting (XSS) vulnerability exists in the resource information page for authenticated users when a full webtop is configured on the BIG-IP APM syste...
CVE-2018-15333
- EPSS 0.39%
- Veröffentlicht 28.12.2018 15:29:00
- Zuletzt bearbeitet 21.11.2024 03:50:35
On versions 11.2.1. and greater, unrestricted Snapshot File Access allows BIG-IP system's user with any role, including Guest Role, to have access and download previously generated and available snapshot files on the BIG-IP configuration utility such...
CVE-2018-15334
- EPSS 0.73%
- Veröffentlicht 28.12.2018 15:29:00
- Zuletzt bearbeitet 21.11.2024 03:50:35
A cross-site request forgery (CSRF) vulnerability in the APM webtop 11.2.1 or greater may allow attacker to force an APM webtop session to log out and require re-authentication.