Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2018-07-19 CVE-2018-5535 Improper Input Validation vulnerability in F5 products
On F5 BIG-IP 14.0.0, 13.0.0-13.1.0, 12.1.0-12.1.3, or 11.5.1-11.6.3 specifically crafted HTTP responses, when processed by a Virtual Server with an associated QoE profile that has Video enabled, may cause TMM to incorrectly buffer response data causing the TMM to restart resulting in a Denial of Service.
network
low complexity
f5 CWE-20
7.5
2018-07-19 CVE-2018-5534 Improper Input Validation vulnerability in F5 products
Under certain conditions on F5 BIG-IP 13.1.0-13.1.0.5, 13.0.0, 12.1.0-12.1.3.1, 11.6.0-11.6.3.1, or 11.5.0-11.5.6, TMM may core while processing SSL forward proxy traffic.
network
low complexity
f5 CWE-20
7.5
2018-07-19 CVE-2018-5533 Improper Input Validation vulnerability in F5 products
Under certain conditions on F5 BIG-IP 13.0.0, 12.1.0-12.1.2, 11.6.0-11.6.3.1, or 11.5.0-11.5.6, TMM may core while processing SSL forward proxy traffic.
network
low complexity
f5 CWE-20
7.5
2018-07-19 CVE-2018-14404 NULL Pointer Dereference vulnerability in multiple products
A NULL pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEval() function of libxml2 through 2.9.8 when parsing an invalid XPath expression in the XPATH_OP_AND or XPATH_OP_OR case.
network
low complexity
canonical debian xmlsoft CWE-476
7.5
2018-07-19 CVE-2017-2673 Unspecified vulnerability in Redhat Openstack 10/9
An authorization-check flaw was discovered in federation configurations of the OpenStack Identity service (keystone).
network
low complexity
redhat
7.2
2018-07-19 CVE-2018-14402 Out-of-bounds Write vulnerability in Axmldec Project Axmldec 1.2.0
axmldec 1.2.0 has an out-of-bounds write in the jitana::axml_parser::parse_start_namespace function in lib/jitana/util/axml_parser.cpp.
network
low complexity
axmldec-project CWE-787
7.5
2018-07-19 CVE-2018-14401 Out-of-bounds Read vulnerability in Axml Parser Project Axml Parser 20180104
CopyData in AxmlParser.c in AXML Parser through 2018-01-04 has an out-of-bounds read.
network
low complexity
axml-parser-project CWE-125
7.5
2018-07-19 CVE-2018-14370 Out-of-bounds Read vulnerability in Wireshark
In Wireshark 2.6.0 to 2.6.1 and 2.4.0 to 2.4.7, the IEEE 802.11 protocol dissector could crash.
network
low complexity
wireshark CWE-125
7.5
2018-07-19 CVE-2018-14369 Improper Input Validation vulnerability in multiple products
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the HTTP2 dissector could crash.
network
low complexity
wireshark debian CWE-20
7.5
2018-07-19 CVE-2018-14368 Infinite Loop vulnerability in multiple products
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the Bazaar protocol dissector could go into an infinite loop.
network
low complexity
wireshark debian CWE-835
7.5