Vulnerabilities > F5 > BIG IP Application Acceleration Manager > 11.6.5
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-09 | CVE-2018-5743 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products By design, BIND is intended to limit the number of TCP clients that can be connected at any given time. | 7.5 |
| 2019-10-03 | CVE-2018-14880 | Out-of-bounds Read vulnerability in multiple products The OSPFv3 parser in tcpdump before 4.9.3 has a buffer over-read in print-ospf6.c:ospf6_print_lshdr(). | 7.5 |
| 2019-10-03 | CVE-2018-14468 | Out-of-bounds Read vulnerability in multiple products The FRF.16 parser in tcpdump before 4.9.3 has a buffer over-read in print-fr.c:mfr_print(). | 7.5 |
| 2019-09-25 | CVE-2019-6654 | Improper Input Validation vulnerability in F5 products On versions 14.0.0-14.1.2, 13.0.0-13.1.3, 12.1.0-12.1.5, and 11.5.1-11.6.5, the BIG-IP system fails to perform Martian Address Filtering (As defined in RFC 1812 section 5.3.7) on the control plane (management interface). | 3.3 |
| 2019-07-01 | CVE-2019-13135 | Use of Uninitialized Resource vulnerability in multiple products ImageMagick before 7.0.8-50 has a "use of uninitialized value" vulnerability in the function ReadCUTImage in coders/cut.c. | 8.8 |
| 2019-06-19 | CVE-2019-11479 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products Jonathan Looney discovered that the Linux kernel default MSS is hard-coded to 48 bytes. | 7.5 |
| 2018-09-06 | CVE-2018-5391 | Improper Input Validation vulnerability in multiple products The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. | 7.5 |