PreviousNext |
CVE-2014-9636: unzip out-of-bounds allows remote attackers to cause read/write/crash in test_compr_eb() in extract.c |
2017-10-31 |
CVE-2011-1201, CVE-2011-3970, CVE-2012-2825, CVE-2012-2870, CVE-2012-2871: multiple vulnerabilities in libxslt. |
2017-10-31 |
CVE-2011-5321, CVE-2015-1593, CVE-2015-2830, CVE-2015-2922, CVE-2015-3636: multiple vulnerabilities in dracut. |
2017-10-31 |
CVE-2012-5669: freetype has a vulnerability due to out of bounds read. |
2017-10-31 |
CVE-2013-4288: polkit has a race condition vulnerability. |
2017-10-31 |
CVE-2014-3634: rsyslog remote denial of service with crafted priority value. |
2017-10-31 |
CVE-2013-4449: openldap improper reference counting vulnerability. |
2017-10-31 |
CVE-2012-2137: Buffer overflow in virt/kvm/irq_comm.c in the KVM subsystem in the Linux kernel. |
2017-10-31 |
CVE-2014-3688: The SCTP implementation in the Linux kernel before 3.17.4 allows remote attackers to cause a denial of service (memory consumption) by triggering a large number of chunks in an association's output queue |
2017-10-31 |
When the caching DNS server is enabled, it is vulnerable to CVE-2016-9131, CVE-2016-9147, CVE-2016-9444 denial of service attacks (assertion failure). |
2017-10-31 |
CVE-2016-2776, CVE-2016-2848, CVE-2016-9147, CVE-2016-8864: Denial of service flaws found in BIND. |
2017-10-09 |
CVE-2016-7431: ntpd has a remote denial of service vulnerability. CVE-2016-7426, CVE-2016-7427, CVE-2016-7428, CVE-2016-7429, CVE-2016-7433, CVE-2016-7434, CVE-2016-9310, CVE-2016-9312 are not applicable or are a low security risk. |
2017-10-09 |
CVE-2016-6313: A design flaw was found in the libgcrypt PRNG (Pseudo-Random Number Generator). An attacker able to
obtain the first 580 bytes of the PRNG output can predict the following 20 bytes. |
2017-10-09 |
CVE-2016-8864: Caching DNS server, if enabled (not enabled by default), is vulnerable to denial of service attack. |
2017-10-09 |
curl .47.1 has various vulnerabilities as described at https://curl.haxx.se/docs/security.html . |
2017-10-09 |
CVE-2016-1285 and CVE-2016-1286 [BIND]: The BIND nameserver, used for the caching DNS feature, has vulnerabilities that can lead to a denial of service. |
2017-10-09 |
The help documentation pages in the webUI could report a clickjack vulnerability when undergoing a Nessus scan of the appliance, even though there was no risk to the actual webUI. |
2017-09-22 |
CVE-2015-1345: A heap-based buffer overflow flaw was found in the way grep processed certain pattern and text combinations. |
2017-09-22 |
CVE-2013-0221, CVE-2013-0222, and CVE-2013-0223 coreutils: segfaults in sort and uniq |
2017-09-22 |
CVE-2012-3955: dhcp: reduced expiration time of an IPv6 lease may cause dhcpd to crash |
2017-09-22 |
CVE-2011-2504 x11perfcomp has dot in its path |
2017-09-22 |
CVE-2016-6321: GNU tar vulnerability |
2017-09-22 |
CVE-2017-3731, CVE-2017-3732, CVE-2016-7055: OpenSSL vulnerabilities. |
2017-09-22 |
CVE-2015-8126, CVE-2015-8472, CVE-2015-7981: libpng vulnerabilities. |
2017-09-22 |
CVE-2016-1248: vim vulnerability |
2017-09-22 |
CVE-2014-3566: SSL/TLS: Padding Oracle On Downgraded Legacy Encryption attack |
2017-09-06 |
CVE-2015-7236: rpcbind: Use-after-free vulnerability in PMAP_CALLIT |
2017-09-06 |
CVE-2014-4607 lzo: lzo1x_decompress_safe() integer overflow |
2017-09-06 |
August 10, 2016, Riverbed security advisory for SteelHead and SteelFusion Edge for NetShark feature |
2017-08-30 |
OpenSSH before 7.2p2 has an X11 forwarding vulnerability CVE-2016-3115 (X11 forwarding is always off, so this vulnerability cannot be enabled on the appliances) |
2017-08-29 |
OpenSSL vulnerabilities described in https://www.openssl.org/news/secadv/20160922.txt . Note that CVE-2016-6304 is a high DoS, CVE-2016-6305 is a moderate DoS, and the others, including CVE-2016-2183 SWEET32 are low. |
2017-08-03 |
NTP vulnerabilities described at http://support.ntp.org/bin/view/Main/SecurityNotice#June_2016_ntp_4_2_8p8_NTP_Securi |
2017-06-01 |
OpenSSH before 7.3 has the following vulnerabilities, described in http://www.openssh.com/txt/release-7.3: CVE-2016-6515, CVE-2016-6210, CVE-2015-8325. |
2017-06-01 |
CVE-2016-2776: Potential BIND denial-of-service attack. |
2017-06-01 |
CVE-2016-0778 and CVE-2016-0777 - OpenSSH client-roaming buffer overflow vulnerability and information disclosure |
2017-04-12 |
Management Console denial of service with malicious requests |
2017-04-05 |
CVE-2017-5670, CVE-2017-7305, CVE-2017-7306, and CVE-2017-7307: Riverbed Security Advisory for the Secure Vault Feature |
2017-04-04 |
CVE-2015-6563/CVE-2015-6564 - PAM vulnerabilities in the sshd daemon. |
2017-03-29 |
CVE-2017-5638: Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 mishandles file upload. Riverbed products are not vulnerable. |
2017-03-24 |
CVE-2015-7547: buffer overflow in glibc getaddrinfo call for DNS lookups. |
2017-03-15 |
PreviousNext |