
SECURITY FINDER

You can use the Security Finder to search for security issues and their impact on Riverbed products. This page is continuously updated, displaying the most current public security issues first. The search box can be used to look up records by specific CVE numbers or a relevant search word, e.g. Apache, 8.5.0, Workaround. For additional search tips, refer to article S16165. Security issues listed here are categorized into three groups: fixed, workaround recommended and not applicable.

For general security topics, security best practices and other security-related topics, also try searching our Knowledge Base.

BETA FEATURE:  This feature is currently under development and is considered Beta Software.  We are still enhancing the features and results so please exercise caution when interpreting and implementing the results.  If you have any questions, please open a case with Riverbed Support.  If you have feedback for this tool, please send it to supportfeedback@riverbed.com.

Riverbed Technology is committed to protecting customers against vulnerabilities in our supported products. Vulnerabilities are addressed in accordance with the software support policy: https://support.riverbed.com/content/support/about_support/end_of_life_policy.html
 

For search tips, read article S16165.
Title    Last Modified
CVE-2017-7494: Samba versions 3.5.0 and later are vulnerable to remote code execution. 2019-10-16
CVE-2017-12617: Packet Trace Warehouse 7.3-PL0 and earlier are vulnerable to JSP injection via a security flaw identified in Tomcat server 2019-10-09
CVE-2018-6927: Integer overflow in futex.c:futex_requeue can lead to denial of service or unspecified impact. 2019-09-25
CVE-2017-12190: Memory leak when merging small consecutive buffers in SCSI I/O vectors. 2019-09-25
CVE-2017-1000253: kernel: load_elf_binary() does not take account of the need to allocate sufficient space for the entire binary. 2019-09-25
CVE-2017-1000407: Linux kernel >= 2.6.32 DoS by flooding diagnostic port 0x80 (Intel x86). 2019-09-25
CVE-2017-1000111: Linux kernel packet_set_ring() race condition lets local users obtain root privileges. 2019-09-25
CVE-2017-8824: Linux kernel <= 4.14.3 dccp_disconnect() 2019-09-23
CVE-2017-18203: Race condition in drivers/md/dm.c:dm_get_from_kobject() allows local users to cause a denial of service. 2019-09-23
CVE-2017-16939: The XFRM dump policy implementation allowed local users to gain privileges or cause a denial of service. 2019-09-23
CVE-2018-7492: Null pointer dereference in net/rds/rdma.c:__rds_rdma_map() allows local attackers to cause denial of service. 2019-09-19
CVE-2010-5328: Potential DOS attack within the Linux kernel. 2019-09-19
CVE-2017-13089, CVE-2017-13090: Upgrade wget to 1.19.2. 2019-09-18
OpenSSL 1.0.2n has several vulnerabilities. 2019-09-18
CVE-2017-8817, CVE-2017-8816: Upgrade curl to 7.57.0. 2019-08-30
CVE-2017-7502: A null pointer dereference flaw was found in the way NSS handles empty SSLv2 messages. 2019-08-19
CVE-2017-3143, CVE-2017-3142: vulnerabilities in BIND handling of TSIG authentication for dynamic updates. 2019-08-19
CVE-2017-8779: rpcbind through 0.2.4 and LIBTIRPC through 1.0.1 and 1.0.2-rc through 1.0.2-rc3 do not consider the maximum RPC data size during memory allocation for XDR strings. 2019-08-19
CVE-2017-3139: A denial of service flaw was found in the way BIND handled DNSSEC validation. 2019-08-19
CVE-2017-3136 and CVE-2017-3137: Potential denial of service attack. 2019-08-19
CVE-2017-5461: An out-of-bounds write flaw was found in the way NSS performed certain Base64-decoding operations. 2019-08-19
CVE-2013-4312 - Kernel may allow an attacker to consume all file descriptors. 2019-08-12
CVE-2014-3673: The SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service (system crash) via a malformed ASCONF chunk 2019-08-12
CPython (aka Python) up to 2.7.13 is vulnerable to an integer overflow in the PyString_DecodeEscape function in stringobject.c, resulting in heap-based buffer overflow (and possible arbitrary code execution). 2019-06-24
Appliance allows an authenticated user to display any arbitrary file. 2019-06-24
OpenSSL before 1.0.2n has vulnerabilities CVE-2017-3737 and CVE-2017-3738 as described at https://www.openssl.org/news/secadv/20171207.txt. 2019-06-21
CVE-2018-1000005: libcurl contains an out-of-bounds read in code handling HTTP/2 trailers. 2019-06-21
NTP before 4.2.8p11 has security vulnerabilities described at https://support.ntp.org/bin/view/Main/SecurityNotice#February_2018_ntp_4_2_8p11_NTP_S. 2019-06-21
CVE-2017-7805: A use-after-free flaw was found in the TLS 1.2 implementation in the NSS library when client authentication was used. 2019-05-15
CVE-2017-1000101: curl supports "globbing" of URLs, in which a user can pass a numerical range to have the tool iterate over those numbers to do a sequence of transfers. 2019-05-15
Heimdal prior to version 7.4 allows remote attackers to impersonate services with Orpheus' Lyre attacks because it obtains service-principal names in a way that violates the Kerberos 5 protocol specification. 2019-04-17
CVE-2013-4312 - Kernel may allow an attacker to consume all file descriptors. 2019-03-21
CVE-2017-10989: The getNodeSize function in ext/rtree/rtree.c in SQLite through 3.19.3, as used in GDAL and other products, mishandles undersized RTree blobs in a crafted database, leading to a heap-based buffer over-read. 2019-01-25
CVE-2018-5333: kernel: Null pointer dereference in rds_atomic_free_op() allows denial of service. 2019-01-11
CVE-2017-18079: Race condition leading to denial of service or possible arbitrary code execution. 2019-01-11
CVE-2018-5332: kernel: rds_message_alloc_sgs() function doesn't validate value used during DMA page allocation, causing heap out-of-bounds write. 2019-01-11
CVE-2017-16533: Local denial of service vulnerability. 2019-01-11
CVE-2017-15274: Local denial of service vulnerability. 2019-01-11
CVE-2017-16531: Local denial of service vulnerability. 2019-01-11
CVE-2017-16526: Invalid pointer dereference results in DOS by local user. 2019-01-11