F5 Traffix Signaling Delivery Controller — known CVE vulnerabilities
Every CVE whose affected-product data names F5 Traffix Signaling Delivery Controller, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVE-2018-20836 — CVSS 8.1 (high): An issue was discovered in the Linux kernel before 4.20. There is a race condition in smp_task_timedout() and smp_task_done() in…
CVE-2019-9077 — CVSS 7.8 (high): An issue was discovered in GNU Binutils 2.32. It is a heap-based buffer overflow in process_mips_specific in readelf.c via a malformed MIPS…
CVE-2019-5436 — CVSS 7.8 (high): A heap buffer overflow in the TFTP receiving code allows for DoS or arbitrary code execution in libcurl versions 7.19.4 through 7.64.1.
CVE-2019-9070 — CVSS 7.8 (high): An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. It is a heap-based buffer over-read in d_expression_1 in…
CVE-2018-14463 — CVSS 7.5 (high): The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print() for VRRP version 2, a different vulnerability…
CVE-2018-14469 — CVSS 7.5 (high): The IKEv1 parser in tcpdump before 4.9.3 has a buffer over-read in print-isakmp.c:ikev1_n_print().
CVE-2019-16714 — CVSS 7.5 (high): In the Linux kernel before 5.2.14, rds6_inc_info_copy in net/rds/recv.c allows attackers to obtain sensitive information from kernel stack…
CVE-2018-1320 — CVSS 7.5 (high): Apache Thrift Java client library versions 0.5.0 through 0.11.0 can bypass SASL negotiation isComplete validation in the…
CVE-2018-16229 — CVSS 7.5 (high): The DCCP parser in tcpdump before 4.9.3 has a buffer over-read in print-dccp.c:dccp_print_option().
CVE-2002-20001 — CVSS 7.5 (high): The Diffie-Hellman Key Agreement Protocol allows remote attackers (from the client side) to send arbitrary numbers that are actually not…
CVE-2018-20657 — CVSS 7.5 (high): The demangle_template function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31.1, has a memory leak via a crafted…
CVE-2015-5738 — CVSS 7.5 (high): The RSA-CRT implementation in the Cavium Software Development Kit (SDK) 2.x, when used on OCTEON II CN6xxx Hardware on Linux to support TLS…
CVE-2019-11477 — CVSS 7.5 (high): Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when…
CVE-2019-11479 — CVSS 7.5 (high): Jonathan Looney discovered that the Linux kernel default MSS is hard-coded to 48 bytes. This allows a remote peer to fragment TCP resend…
CVE-2019-13050 — CVSS 7.5 (high): Interaction between the sks-keyserver code through 1.2.0 of the SKS keyserver network, and GnuPG through 2.2.16, makes it risky to have a…
CVE-2019-13565 — CVSS 7.5 (high): An issue was discovered in OpenLDAP 2.x before 2.4.48. When using SASL authentication and session encryption, and relying on the SASL…
CVE-2018-14879 — CVSS 7.0 (high): The command-line argument parser in tcpdump before 4.9.3 has a buffer overflow in tcpdump.c:get_next_file().
CVE-2019-1559 — CVSS 5.9 (medium): If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive…
CVE-2020-5854 — CVSS 5.9 (medium): On BIG-IP 15.0.0-15.0.1.1, 14.1.0-14.1.2.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.6.0-11.6.5.1, the tmm crashes under…
CVE-2018-20002 — CVSS 5.5 (medium): The _bfd_generic_read_minisymbols function in syms.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU…
CVE-2019-11478 — CVSS 5.3 (medium): Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be fragmented when…
CVE-2022-27662 — CVSS 4.8 (medium): On F5 Traffix SDC 5.2.x versions prior to 5.2.2 and 5.1.x versions prior to 5.1.35, a stored Cross-Site Template Injection vulnerability…
CVE-2022-27880 — CVSS 4.8 (medium): On F5 Traffix SDC 5.2.x versions prior to 5.2.2 and 5.1.x versions prior to 5.1.35, a stored Cross-Site Scripting (XSS) vulnerability…