6392 matches found
K22340570: Linux kernel vulnerability CVE-2017-1000253
Security Advisory Description Linux distributions that have not patched their long-term kernels with https://git.kernel.org/linus/a87938b2e246b81b4fb713edb371a9fa3c5c3c86 committed on April 14, 2015. This kernel vulnerability was fixed in April 2015 by commit...
K14649763: Overview of F5 vulnerabilities (August 2022)
Security Advisory Description On August 3, 2022, F5 announced the following security issues. This document is intended to serve as an overview of these vulnerabilities and security exposures to help determine the impact to your F5 devices. You can find the details of each issue in the associated...
K02412162: PHP vulnerability CVE-2019-6977
Security Advisory Description gdImageColorMatch in gdcolormatch.c in the GD Graphics Library aka LibGD 2.2.5, as used in the imagecolormatch function in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1, has a heap-based buffer overflow. This can be exploited by an...
K58084500: Apache Tomcat 6.x vulnerabilities CVE-2016-0714
Security Advisory Description The session-persistence implementation in Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M2 mishandles session attributes, which allows remote authenticated users to bypass intended SecurityManager restrictions and execute...
K13600: SSH vulnerability CVE-2012-1493
Security Advisory Description A platform-specific remote access vulnerability has been discovered that may allow a remote user to gain privileged access to affected systems using secure shell SSH. The vulnerability is caused by a configuration error, and is not the result of an underlying SSH...
K15402727: cURL vulnerability CVE-2020-8286
Security Advisory Description curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to insufficient verification of the OCSP response. CVE-2020-8286 Impact An attacker could provide a forged OCSP response to the F5 product that has made the request with curl...
K20072454: Linux kernel vulnerability CVE-2021-43267
Security Advisory Description An issue was discovered in net/tipc/crypto.c in the Linux kernel before 5.14.16. The Transparent Inter-Process Communication TIPC functionality allows remote attackers to exploit insufficient validation of user-supplied sizes for the MSGCRYPTO message type...
K90803619: Linux kernel vulnerability CVE-2016-6136
Security Advisory Description Race condition in the auditlogsingleexecvearg function in kernel/auditsc.c in the Linux kernel through 4.7 allows local users to bypass intended character-set restrictions or disrupt system-call auditing by changing a certain string, aka a "double fetch" vulnerabilit...
K11742512: BIND vulnerability CVE-2022-2795
Security Advisory Description By flooding the target resolver with queries exploiting this flaw an attacker can significantly impair the resolver's performance, effectively denying legitimate clients access to the DNS resolution service. CVE-2022-2795 Impact A flaw in resolver code can cause name...
K03121171: Apache Tomcat vulnerability CVE-2020-9484
Security Advisory Description When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8.5.0 to 8.5.54 and 7.0.0 to 7.0.103 if a an attacker is able to control the contents and name of a file on the server; and b the server is configured to use the PersistenceManager with a...
K15412203: Linux kernel vulnerability CVE-2017-1000365
Security Advisory Description The Linux Kernel imposes a size restriction on the arguments and environmental strings passed through RLIMITSTACK/RLIMINFINITY 1/4 of the size, but does not take the argument and environment pointers into account, which allows attackers to bypass this limitation. Thi...
K94735334: Linux kernel vulnerability CVE-2018-10883
Security Advisory Description A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bounds write in jbd2journaldirtymetadata, a denial of service, and a system crash by mounting and operating on a crafted ext4 filesystem image. CVE-2018-10883 Impact A local user...
K19785240: Bootstrap vulnerability CVE-2018-14042
Security Advisory Description In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip. CVE-2018-14042 Impact An attacker may exploit this vulnerability to perform a cross-site scripting XSS attack. Security Advisory Status F5 Product Development has assigned ID 767373...
K91643220: Java vulnerabilities CVE-2020-2659 and CVE-2020-2773
Security Advisory Description CVE-2020-2659 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Networking. Supported versions that are affected are Java SE: 7u241 and 8u231; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacke...
K16128: Microsoft Schannel vulnerability CVE-2014-6321
Security Advisory Description Schannel in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via crafted...
SOL71960814 - OpenSSH vulnerability CVE-2016-1908
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
K28360903: Linux Kernel vulnerability CVE-2021-28375
Security Advisory Description An issue was discovered in the Linux kernel through 5.11.6. fastrpcinternalinvoke in drivers/misc/fastrpc.c does not prevent user applications from sending kernel RPC messages, aka CID-20c40794eb85. This is a related issue to CVE-2019-2308. CVE-2021-28375 Impact Ther...
K27757011: Apache HTTPD vulnerability CVE-2017-15715
Security Advisory Description In Apache httpd 2.4.0 to 2.4.29, the expression specified in could match '$' to a newline character in a malicious filename, rather than matching only the end of the filename. This could be exploited in environments where uploads of some files are are externally...
K16057: GHOST: glibc gethostbyname buffer overflow vulnerability CVE-2015-0235
Security Advisory Description A heap-based buffer overflow was found in glibc's nsshostnamedigitsdots function, which is used by the gethostbyname and gethostbyname2 glibc function calls. A remote attacker may be able to use this flaw to execute arbitrary code. CVE-2015-0235 Impact A remote...
K63603485: Linux kernel vulnerability CVE-2022-0847
Security Advisory Description A flaw was found in the way the "flags" member of the new pipe buffer structure was lacking proper initialization in copypagetoiterpipe and pushpipe functions in the Linux kernel and could thus contain stale values. An unprivileged local user could use this flaw to...
K23456112: Python urllib3 vulnerability CVE-2021-33503
Security Advisory Description An issue was discovered in urllib3 before 1.26.5. When provided with a URL containing many @ characters in the authority component, the authority regular expression exhibits catastrophic backtracking, causing a denial of service if a URL were passed as a parameter or...
K31864522: Linux kernel vulnerability CVE-2019-9162
Security Advisory Description In the Linux kernel before 4.20.12, net/ipv4/netfilter/nfnatsnmpbasicmain.c in the SNMP NAT module has insufficient ASN.1 length checks aka an array index error, making out-of-bounds read and write operations possible, leading to an OOPS or local privilege escalation...
K48073202: Linux kernel vulnerability CVE-2017-18551
Security Advisory Description An issue was discovered in drivers/i2c/i2c-core-smbus.c in the Linux kernel before 4.14.15. There is an out of bounds write in the function i2csmbusxferemulated. CVE-2017-18551. Impact This vulnerability may allow an attacker to overwrite memory beyond the intended...
K54436295: Linux kernel vulnerability CVE-2018-17182
Security Advisory Description An issue was discovered in the Linux kernel through 4.18.8. The vmacacheflushall function in mm/vmacache.c mishandles sequence number overflows. An attacker can trigger a use-after-free and possibly gain privileges via certain thread creation, map, unmap, invalidatio...
K4616: BSD telnet environment vulnerability CAN-2005-0488
Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...
K16908: Apache HTTPD vulnerability CVE-2011-4415
Security Advisory Description The appregsub function in server/util.c in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x through 2.2.21, when the modsetenvif module is enabled, does not restrict the size of values of environment variables, which allows local users to cause a denial of servi...
K20979231: Apache vulnerability CVE-2011-3639
Security Advisory Description The modproxy module in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x before 2.2.18, when the Revision 1179239 patch is in place, does not properly interact with use of 1 RewriteRule and 2 ProxyPassMatch pattern matches for configuration of a reverse proxy,...
SOL36302720 - Apache Tomcat vulnerability CVE-2016-6797
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL17448 - OpenSSH vulnerability CVE-2001-1473
Recommended Action If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are currently...
SOL15493 - OpenSSH vulnerability CVE-2006-5229
Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents. SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5 critical issue...
SOL14229 - OpenSSH vulnerability CVE-2007-2768
Recommended action None Supplemental Information Common Vulnerabilities and Exposures CVE-2007-2243 SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents. SOL4602: Overview of the F5 security vulnerability response...
K000138827: OpenSSH vulnerability CVE-2023-51385
Security Advisory Description In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell...
K000138825: OpenSSH vulnerability CVE-2023-51384
Security Advisory Description In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS11-hosted private keys, these constraints are only applied to the first key, even if a PKCS11 token...
K34931053: OpenSMTPD vulnerability CVE-2020-7247
Security Advisory Description smtpmailaddr in smtpsession.c in OpenSMTPD 6.6, as used in OpenBSD 6.6 and other products, allows remote attackers to execute arbitrary commands as root via a crafted SMTP session, as demonstrated by shell metacharacters in a MAIL FROM field. This affects the...
K08152433: Intel processors MMIO stale data vulnerability CVE-2022-21166
Security Advisory Description Incomplete cleanup in specific special register write operations for some IntelR Processors may allow an authenticated user to potentially enable information disclosure via local access. CVE-2022-21166 Impact Successful exploitation of this vulnerability can lead to...
K23073482: Nginx vulnerabilities CVE-2016-0742, CVE-2016-0746, and CVE-2016-0747
Security Advisory Description CVE-2016-0742 The resolver in nginx before 1.8.1 and 1.9.x before 1.9.10 allows remote attackers to cause a denial of service invalid pointer dereference and worker process crash via a crafted UDP DNS response. CVE-2016-0746 Use-after-free vulnerability in the resolv...
K14634: SSL/TLS BREACH vulnerability CVE-2013-3587
Security Advisory Description The BREACH vulnerability allows attackers to discover secrets wrapped in HTTP compression inside of SSL. By injecting plaintext into an HTTPS request, an attacker can learn information about the corresponding HTTPS response by measuring its size. This action relies o...
K35558453: Intel SGX L1 Terminal Fault vulnerability CVE-2018-3615
Security Advisory Description Systems with microprocessors utilizing speculative execution and Intel software guard extensions Intel SGX may allow unauthorized disclosure of information residing in the L1 data cache from an enclave to an attacker with local user access via a side-channel analysis...
SOL64505405 - NTP vulnerability CVE-2016-4956
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL16348 - tftp-hpa vulnerability CVE-2011-2199
Buffer overflow in tftp-hpa before 5.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via the utimeout option. CVE-2011-2199...
SOL15580 - Apache CXF and JBoss vulnerabilities
Recommended action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents. SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5 critical issue...
K82907233: PHP vulnerability CVE-2017-5340
Security Advisory Description Zend/zendhash.c in PHP before 7.0.15 and 7.1.x before 7.1.1 mishandles certain cases that require large array allocations, which allows remote attackers to execute arbitrary code or cause a denial of service integer overflow, uninitialized memory access, and use of...
K74151369: Appliance Mode authenticated iControl REST vulnerability CVE-2021-23015
Security Advisory Description When running in Appliance Mode, an authenticated user assigned the 'Administrator' role may be able to bypass Appliance Mode restrictions utilizing undisclosed iControl REST endpoints. CVE-2021-23015 Note : This vulnerability is unrelated to the vulnerability describ...
K13184144: Apache Tomcat vulnerability CVE-2019-0221
Security Advisory Description The SSI printenv command in Apache Tomcat 9.0.0.M1 to 9.0.0.17, 8.5.0 to 8.5.39 and 7.0.0 to 7.0.93 echoes user provided data without escaping and is, therefore, vulnerable to XSS. SSI is disabled by default. The printenv command is intended for debugging and is...
K46057232: Swift Mailer vulnerability CVE-2016-10074
Security Advisory Description The mail transport aka SwiftTransportMailTransport in Swift Mailer before 5.4.5 might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code via a " backslash double quote in a crafted e-mail address in the 1 From,...
K42830212: BIG-IP SIP ALG profile vulnerability CVE-2020-5926
Security Advisory Description A BIG-IP virtual server with a Session Initiation Protocol SIP ALG profile, parsing SIP messages that contain a multi-part MIME payload with certain boundary strings can cause TMM to free memory to the wrong cache.CVE-2020-5926 Impact This vulnerability leads to futu...
K31700032: Linux kernel vulnerability CVE-2021-29657
Security Advisory Description arch/x86/kvm/svm/nested.c in the Linux kernel before 5.11.12 has a use-after-free in which an AMD KVM guest can bypass access control on host OS MSRs when there are nested guests, aka CID-a58d9166a756. This occurs because of a TOCTOU race condition associated with a...
Intel CPU vulnerability CVE-2021-0091
Improper access control in the firmware for some IntelR Processors may allow an unauthenticated user to potentially enable an escalation of privilege via local access. CVE-2021-0091 Impact An attacker may be able to exploit the Intel processor firmware to gain elevated access to resources. The...
SOL92991044 - lwresd and bind vulnerability CVE-2016-2775
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL15605 - XML Entity Injection vulnerabilities CVE-2014-6032 and CVE-2014-6033
Vulnerability Recommended Actions If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not...