F5

Big-ip Global Traffic Manager

410 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.9

CVE-2019-6594

  • EPSS 0.65%
  • Veröffentlicht 26.02.2019 15:29:00
  • Zuletzt bearbeitet 21.11.2024 04:46:46

On BIG-IP 11.5.1-11.6.3.2, 12.1.3.4-12.1.3.7, 13.0.0 HF1-13.1.1.1, and 14.0.0-14.0.0.2, Multi-Path TCP (MPTCP) does not protect against multiple zero length DATA_FINs in the reassembly queue, which can lead to an infinite loop in some circumstances.

7.8

CVE-2019-9075

Exploit
  • EPSS 0.22%
  • Veröffentlicht 24.02.2019 00:29:00
  • Zuletzt bearbeitet 21.11.2024 04:50:56

An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is a heap-based buffer overflow in _bfd_archive_64_bit_slurp_armap in archive64.c.

6.1

CVE-2019-8331

  • EPSS 2.29%
  • Veröffentlicht 20.02.2019 16:29:00
  • Zuletzt bearbeitet 21.11.2024 04:49:42

In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute.

8.1

CVE-2019-6974

Exploit
  • EPSS 7.22%
  • Veröffentlicht 15.02.2019 15:29:00
  • Zuletzt bearbeitet 21.11.2024 04:47:20

In the Linux kernel before 4.20.8, kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandles reference counting because of a race condition, leading to a use-after-free.

6.1

CVE-2019-6589

  • EPSS 0.29%
  • Veröffentlicht 14.02.2019 00:29:00
  • Zuletzt bearbeitet 21.11.2024 04:46:45

On BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.3, 12.1.0-12.1.3.7, and 11.6.0-11.6.3.2, a reflected Cross Site Scripting (XSS) vulnerability is present in an undisclosed page of the BIG-IP TMUI (Traffic Management User Interface) also known as the BIG-IP c...

5.5

CVE-2018-15333

  • EPSS 0.13%
  • Veröffentlicht 28.12.2018 15:29:00
  • Zuletzt bearbeitet 21.11.2024 03:50:35

On versions 11.2.1. and greater, unrestricted Snapshot File Access allows BIG-IP system's user with any role, including Guest Role, to have access and download previously generated and available snapshot files on the BIG-IP configuration utility such...

7.2

CVE-2018-15329

  • EPSS 0.28%
  • Veröffentlicht 20.12.2018 20:29:00
  • Zuletzt bearbeitet 21.11.2024 03:50:34

On BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.1, or 12.1.0-12.1.3.7, or Enterprise Manager 3.1.1, when authenticated administrative users run commands in the Traffic Management User Interface (TMUI), also referred to as the BIG-IP Configuration utility, r...

7.8

CVE-2018-15330

  • EPSS 0.61%
  • Veröffentlicht 20.12.2018 20:29:00
  • Zuletzt bearbeitet 21.11.2024 03:50:34

On BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.1, or 12.1.0-12.1.3.7, when a virtual server using the inflate functionality to process a gzip bomb as a payload, the BIG-IP system will experience a fatal error and may cause the Traffic Management Microkerne...

7.5

CVE-2018-15328

  • EPSS 2.18%
  • Veröffentlicht 12.12.2018 14:29:00
  • Zuletzt bearbeitet 21.11.2024 03:50:34

On BIG-IP 14.0.x, 13.x, 12.x, and 11.x, Enterprise Manager 3.1.1, BIG-IQ 6.x, 5.x, and 4.x, and iWorkflow 2.x, the passphrases for SNMPv3 users and trap destinations that are used for authentication and privacy are not handled by the BIG-IP system Se...

7.5

CVE-2018-15317

  • EPSS 0.82%
  • Veröffentlicht 31.10.2018 14:29:00
  • Zuletzt bearbeitet 21.11.2024 03:50:32

In BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.5, 12.1.0-12.1.4.1, and 11.2.1-11.6.3.2, an attacker sending specially crafted SSL records to a SSL Virtual Server will cause corruption in the SSL data structures leading to intermittent decrypt BAD_RECORD_MA...