5.5
CVE-2024-34126 - ZDI-CAN-24028: Adobe Dimension USD File Parsing Out-Of-Bounds Read Information Disclosure Vulnerabi…
Dimension versions 3.4.11 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must o…
7.8
CVE-2024-20789 - ZDI-CAN-24030: Adobe Dimension SKP File Parsing Use-After-Free Remote Code Execution Vulnerability
Dimension versions 3.4.11 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
7.8
CVE-2024-34124 - ZDI-CAN-24031: Adobe Dimension SKP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerabi…
Dimension versions 3.4.11 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
5.5
CVE-2024-20790 - Adobe Dimension Memory Corruption Out-of-Bounds-READ Vulnerability I, when parsing FBX file
Dimension versions 3.4.11 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must o…
8.7
CVE-2024-39792 - NGINX Plus MQTT vulnerability
When NGINX Plus is configured to use the MQTT pre-read module, undisclosed requests can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
6.3
CVE-2024-37028 - BIG-IP Next Central Manager vulnerability
BIG-IP Next Central Manager may allow an attacker to lock out an account that has never been logged in. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
8.9
CVE-2024-39809 - BIG-IP Next Central Manager vulnerability
The Central Manager user session refresh token does not expire when a user logs out. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
5.1
CVE-2024-41719 - BIG-IP Next Central Manager vulnerability
When generating a QKView of a BIG-IP Next instance from the BIG-IP Next Central Manager (CM), F5 iHealth credentials will be logged in the BIG-IP Central Manager logs. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
8.7
CVE-2024-41727 - BIG-IP TMM vulnerability
In BIG-IP tenants running on r2000 and r4000 series hardware, or BIG-IP Virtual Edition (VEs) using Intel E810 SR-IOV NIC, undisclosed traffic can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
8.2
CVE-2024-41164 - BIG-IP MPTCP vulnerability
When a TCP profile with Multipath TCP (MPTCP) enabled is configured on a Virtual Server, undisclosed traffic along with conditions beyond the attacker's control can cause TMM to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.