You can use the Security Finder to search for security issues and their impact on Riverbed products. This page is continuously updated,displaying the most current public security issues first. The search box can be used to look up records by specific CVE numbers or relevant search word, e.g. Apache, 8.5.0, Workaround. For additional search tips, refer to article S16165. Security issues listed here are categorized into three groups: fixed, workaround recommended and not applicable.

For general security topics, security best practices and other security related topics, also try searching our Knowledge Base.

BETA FEATURE:  This feature is currently under development and is considered Beta Software.  We are still enhancing the features and results so please exercise caution when interpreting and implementing the results.  If you have any questions, please open a case with Riverbed Support.  If you have feedback for this tool, please send it to

Riverbed Technology is committed to protecting customers against vulnerabilities in our supported products. Vulnerabilities are addressed in accordance to the software support policy.

For search tips, read article S16165.
TitleLast Modified
CVE-2018-6927: Integer overflow in futex.c:futux_requeue can lead to denial of service or unspecified impact. 2018-08-20
CVE-2017-9242: Potential local user denial of service attack. 2018-08-15
CVE-2017-0605: Linux kernel trace privilege elevation. 2018-08-15
CVE-2017-1000380: Potential information disclosure. 2018-08-15
CVE-2010-5329: Potential DOS attack with kernel driver. 2018-08-15
CVE-2017-14106: Potential DOS attack. 2018-08-15
CVE-2017-14489: Potential DOS attack due to incorrect length validation. 2018-08-15
CVE-2015-5156: Potential DOS attack via crafted fragmentation packets. 2018-08-15
CVE-2017-9076: Potential local user denial of service attack. 2018-08-15
CVE-2017-9075: Potential local user denial of service attack. 2018-08-15
CVE-2017-9074: Potential local user denial of service attack. 2018-08-15
CVE-2017-7542: Potential denial of service attack. 2018-08-15
CVE-2017-11473: Buffer overflow potential in ACPI table. 2018-08-15
CVE-2017-11176: Potential denial of service attack. 2018-08-15
CVE-2017-7472: Potential DOS attack via a series of KEY_REQKEY_DEFL_THREAD_KEYRING keyctl_set_reqkey_keyring calls. 2018-08-15
CVE-2015-9004: Potential privilege escalation. 2018-08-15
CVE-2017-5986: Potential DOS attack with threaded applications. 2018-08-15
CVE-2017-6951: Potential local user denial of service attack. 2018-08-15
CVE-2017-1000111: Linux kernel packet_set_ring() race condition lets local users obtain root privileges. 2018-08-09
CVE-2017-18079 : race condition leading to denial of service or possible arbitrary code execution 2018-08-09
CVE-2018-5332: kernel: rds_message_alloc_sgs() function doesn't validate value used during DMA page allocation, causing heap out-of-bounds write. 2018-08-09
CVE-2018-5333: kernel: Null pointer dereference in rds_atomic_free_op() allows denial of service. 2018-08-09
CVE-2017-16939 : The XFRM dump policy implementation allowed local users to gain privileges or cause a denial of service 2018-08-08
CVE-2017-18203: Race condition in drivers/md/dm.c:dm_get_from_kobject() allows local users to cause a denial of service. 2018-08-08
NTP before 4.2.8p11 has security vulnerabilities described at 2018-08-03
The nginx proxy server has a security vulnerability CVE-2016-4450: NULL pointer de-reference while writing to client request body. 2018-08-03
CVE-2017-16531: Local denial of service vulnerability. 2018-08-02
CVE-2017-16994: kernel:mm/pagewalk.c:walk_hugetlb_range function mishandles holes in hugetlb ranges causing information leak. 2018-08-02
CVE-2017-12192: kernel: NULL pointer dereference due to KEYCTL_READ on negative key. 2018-08-02
CVE-2017-16526: Invalid pointer dereference results in DOS by local user. 2018-08-02
CVE-2017-16533: Local denial of service vulnerability. 2018-08-02
CVE-2017-15274: Local denial of service vulnerability. 2018-08-02
CVE-2017-1000253 : kernel: load_elf_ binary() does not take account of the need to allocate sufficient space for the entire binary 2018-08-02
CVE-2017-1000407:Linux kernel >= 2.6.32 DoS by flooding diagnostic port 0x80 (Intel x86) 2018-08-02
CVE-2017-12190: Memory leak when merging small consecutive buffers in SCSI I/O vectors. 2018-08-02
OpenSSH < 7.4 is vulnerable to CVE-2016-10012, relating to pre-authentication compression. 2018-07-30
CVE-2017-8817, CVE-2017-8816: Upgrade curl to 7.57.0. 2018-07-27
Appliance allows an authenticated user to display any arbitrary file. 2018-07-23
CVE-2018-7492: Null pointer dereference in net/rds/rdma.c:__rds_rdma_map() allows local attackers to cause denial of service. 2018-07-22
CVE-2017-8824: Linux kernel <= 4.14.3 dccp_disconnect() 2018-07-20