Vulnerabilities > F5 > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-02-24 | CVE-2019-9077 | Out-of-bounds Write vulnerability in multiple products An issue was discovered in GNU Binutils 2.32. | 7.8 |
2019-02-24 | CVE-2019-9070 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. | 7.8 |
2019-02-15 | CVE-2019-6974 | Use After Free vulnerability in multiple products In the Linux kernel before 4.20.8, kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandles reference counting because of a race condition, leading to a use-after-free. | 8.1 |
2019-02-06 | CVE-2018-16890 | Integer Overflow or Wraparound vulnerability in multiple products libcurl versions from 7.36.0 to before 7.64.0 is vulnerable to a heap buffer out-of-bounds read. | 7.5 |
2019-02-05 | CVE-2019-6590 | Unspecified vulnerability in F5 Big-Ip Local Traffic Manager On BIG-IP LTM 13.0.0 to 13.0.1 and 12.1.0 to 12.1.3.6, under certain conditions, the TMM may consume excessive resources when processing SSL Session ID Persistence traffic. network f5 | 7.1 |
2019-01-07 | CVE-2018-1320 | Improper Certificate Validation vulnerability in multiple products Apache Thrift Java client library versions 0.5.0 through 0.11.0 can bypass SASL negotiation isComplete validation in the org.apache.thrift.transport.TSaslTransport class. | 7.5 |
2018-12-20 | CVE-2018-15330 | Improper Input Validation vulnerability in F5 products On BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.1, or 12.1.0-12.1.3.7, when a virtual server using the inflate functionality to process a gzip bomb as a payload, the BIG-IP system will experience a fatal error and may cause the Traffic Management Microkernel (TMM) to produce a core file. | 7.8 |
2018-11-07 | CVE-2018-16844 | Resource Exhaustion vulnerability in multiple products nginx before versions 1.15.6 and 1.14.1 has a vulnerability in the implementation of HTTP/2 that can allow for excessive CPU usage. | 7.8 |
2018-11-07 | CVE-2018-16843 | Resource Exhaustion vulnerability in multiple products nginx before versions 1.15.6 and 1.14.1 has a vulnerability in the implementation of HTTP/2 that can allow for excessive memory consumption. | 7.8 |
2018-10-31 | CVE-2018-15319 | Improper Input Validation vulnerability in F5 products On BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.1, or 12.1.0-12.1.3.6, malicious requests made to virtual servers with an HTTP profile can cause the TMM to restart. | 7.8 |