Critical

DATE	CVE	VULNERABILITY TITLE	RISK
2016-01-12	CVE-2015-8098	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in F5 Big-Ip Access Policy Manager F5 BIG-IP APM 11.4.1 before 11.4.1 HF9, 11.5.x before 11.5.3, and 11.6.0 before 11.6.0 HF4 allow remote attackers to cause a denial of service or execute arbitrary code via unspecified vectors related to processing a Citrix Remote Desktop connection through a virtual server configured with a remote desktop profile, aka an "Out-of-bounds memory vulnerability." network low complexity f5 CWE-119 critical	9.8
2014-09-25	CVE-2014-7169	OS Command Injection vulnerability in multiple products GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. network low complexity gnu arista oracle qnap mageia redhat suse opensuse debian ibm canonical novell checkpoint f5 citrix apple vmware CWE-78 critical	9.8
2014-09-24	CVE-2014-6271	OS Command Injection vulnerability in multiple products GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka "ShellShock." NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix. network low complexity gnu arista oracle qnap mageia redhat suse opensuse debian ibm canonical novell checkpoint f5 citrix apple vmware CWE-78 critical	9.8
2012-05-24	CVE-2011-3188	The (1) IPv4 and (2) IPv6 implementations in the Linux kernel before 3.1 use a modified MD4 algorithm to generate sequence numbers and Fragment Identification values, which makes it easier for remote attackers to cause a denial of service (disrupted networking) or hijack network sessions by predicting these values and sending crafted packets. network low complexity linux redhat f5 critical	9.1