High

DATE	CVE	VULNERABILITY TITLE	RISK
2019-02-24	CVE-2019-9077	Out-of-bounds Write vulnerability in multiple products An issue was discovered in GNU Binutils 2.32. local low complexity gnu netapp canonical f5 CWE-787	7.8
2019-02-24	CVE-2019-9070	Out-of-bounds Read vulnerability in multiple products An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. local low complexity gnu netapp canonical f5 CWE-125	7.8
2019-02-15	CVE-2019-6974	Use After Free vulnerability in multiple products In the Linux kernel before 4.20.8, kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandles reference counting because of a race condition, leading to a use-after-free. network high complexity linux debian canonical f5 redhat CWE-416	8.1
2019-02-06	CVE-2018-16890	Integer Overflow or Wraparound vulnerability in multiple products libcurl versions from 7.36.0 to before 7.64.0 is vulnerable to a heap buffer out-of-bounds read. network low complexity haxx canonical debian netapp siemens oracle redhat f5 CWE-190	7.5
2019-02-05	CVE-2019-6590	Unspecified vulnerability in F5 Big-Ip Local Traffic Manager On BIG-IP LTM 13.0.0 to 13.0.1 and 12.1.0 to 12.1.3.6, under certain conditions, the TMM may consume excessive resources when processing SSL Session ID Persistence traffic. network f5	7.1
2019-01-07	CVE-2018-1320	Improper Certificate Validation vulnerability in multiple products Apache Thrift Java client library versions 0.5.0 through 0.11.0 can bypass SASL negotiation isComplete validation in the org.apache.thrift.transport.TSaslTransport class. network low complexity apache debian f5 oracle CWE-295	7.5
2018-12-20	CVE-2018-15330	Improper Input Validation vulnerability in F5 products On BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.1, or 12.1.0-12.1.3.7, when a virtual server using the inflate functionality to process a gzip bomb as a payload, the BIG-IP system will experience a fatal error and may cause the Traffic Management Microkernel (TMM) to produce a core file. network low complexity f5 CWE-20	7.8
2018-11-07	CVE-2018-16844	Resource Exhaustion vulnerability in multiple products nginx before versions 1.15.6 and 1.14.1 has a vulnerability in the implementation of HTTP/2 that can allow for excessive CPU usage. network low complexity f5 debian canonical apple CWE-400	7.8
2018-11-07	CVE-2018-16843	Resource Exhaustion vulnerability in multiple products nginx before versions 1.15.6 and 1.14.1 has a vulnerability in the implementation of HTTP/2 that can allow for excessive memory consumption. network low complexity f5 debian canonical opensuse apple CWE-400	7.8
2018-10-31	CVE-2018-15319	Improper Input Validation vulnerability in F5 products On BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.1, or 12.1.0-12.1.3.6, malicious requests made to virtual servers with an HTTP profile can cause the TMM to restart. network low complexity f5 CWE-20	7.8