6294 matches found
SOL80513384 - Apache HTTPD vulnerability CVE-2016-5387
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL17494 - PAM vulnerability CVE-2015-3238
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL17171 - OpenJDK vulnerability CVE-2015-2628
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL17157 - Apache HTTP server vulnerability CVE-2015-0228
Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL995...
SOL16794 - CUPS vulnerabilities CVE-2015-1158 / CVE-2015-1159
CVE-2015-1158 A string reference count bug was found in cupsd, causing premature freeing of string objects. An attacker can submit a malicious print job that exploits this flaw to dismantle ACLs protecting privileged operations, allowing a replacement configuration file to be uploaded, which in...
SOL16348 - tftp-hpa vulnerability CVE-2011-2199
Buffer overflow in tftp-hpa before 5.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via the utimeout option. CVE-2011-2199...
SOL15580 - Apache CXF and JBoss vulnerabilities
Recommended action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents. SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5 critical issue...
K82907233: PHP vulnerability CVE-2017-5340
Security Advisory Description Zend/zend_hash.c in PHP before 7.0.15 and 7.1.x before 7.1.1 mishandles certain cases that require large array allocations, which allows remote attackers to execute arbitrary code or cause a denial of service integer overflow, uninitialized memory access, and use of...
K74977440: PHPMailer vulnerability CVE-2016-10033
Security Advisory Description The mailSend function in the isMail transport in PHPMailer before 5.2.18, when the Sender property is not set, might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code via a \" (backslash double quote) in a crafte...
K40521234: Multiple Oracle Java SE vulnerabilities
Security Advisory Description CVE-2016-3458 Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; and Java SE Embedded 8u91 allows remote attackers to affect integrity via vectors related to CORBA. CVE-2016-3498 Unspecified vulnerability in Oracle Java SE 7u101 and 8u92 allows remot...
K54296221: Apache httpd vulnerability CVE-2018-17199
Security Advisory Description In Apache HTTP Server 2.4 release 2.4.37 and prior, mod_session checks the session expiry time before decoding the session. This causes session expiry time to be ignored for mod_session_cookie sessions since the expiry time is loaded when the session is decoded...
K14907: MySQL Server vulnerability CVE-2012-3163
Security Advisory Description Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Information Schema. CVE-2012-31...
K45164470: Linux kernel vulnerability CVE-2022-36946
Security Advisory Description nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of service (panic) because, in the case of an nf_queue verdict with a one-byte nfta_payload attribute, an skb_pull can encounter a negative skb->len...
K38453823: Apache vulnerability CVE-2021-31618
Security Advisory Description Apache HTTP Server protocol handler for the HTTP/2 protocol checks received request headers against the size limitations as configured for the server and used for the HTTP/1 protocol as well. On violation of these restrictions an HTTP response is sent to the client...
K69124112: PostgreSQL JDBC vulnerability CVE-2022-21724
Security Advisory Description pgjdbc is the official PostgreSQL JDBC Driver. A security hole was found in the jdbc driver for postgresql database while doing security research. The system using the postgresql library will be attacked when an attacker controls the jdbc url or properties. pgjdbc...
K05295469: Expat vulnerability CVE-2019-15903
Security Advisory Description In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber or XML_GetCurrentColumnNumber then resulted in a heap-based buffer over-read. CVE-2019-15903...
K78285929: BIND vulnerability CVE-2021-25220
Security Advisory Description BIND 9.11.0 - 9.11.36, 9.12.0 - 9.16.26, 9.17.0 - 9.18.0. BIND Supported Preview Editions: 9.11.4-S1 - 9.11.36-S1, 9.16.8-S1 - 9.16.26-S1. Versions of BIND 9 earlier than those shown - back to 9.1.0, including Supported Preview Editions - are also believed to be affected...
K51272092: MySQL vulnerabilities CVE-2019-2730, CVE-2019-2731, CVE-2019-2737, CVE-2019-2738, and CVE-2019-2739
Security Advisory Description CVE-2019-2730 Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.6.44 and prior and 5.7.18 and prior. Easily exploitable vulnerability allows high privileged attacker with...
K20072454: Linux kernel vulnerability CVE-2021-43267
Security Advisory Description An issue was discovered in net/tipc/crypto.c in the Linux kernel before 5.14.16. The Transparent Inter-Process Communication (TIPC) functionality allows remote attackers to exploit insufficient validation of user-supplied sizes for the MSG_CRYPTO message type...
K12772312: Apache Hadoop vulnerability CVE-2017-7669
Security Advisory Description In Apache Hadoop 2.8.0, 3.0.0-alpha1, and 3.0.0-alpha2, the LinuxContainerExecutor runs docker commands as root with insufficient input validation. When the docker feature is enabled, authenticated users can run commands as root. CVE-2017-7669 Impact There is no...
K56450659: Linux kernel vulnerability CVE-2017-11176
Security Advisory Description The mq_notify function in the Linux kernel through 4.11.9 does not set the sock pointer to NULL upon entry into the retry logic. During a user-space close of a Netlink socket, it allows attackers to cause a denial of service (use-after-free) or possibly have unspecified...
K93600123: OpenSSL vulnerability CVE-2016-2107
Security Advisory Description The AES-NI implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h does not consider memory allocation during a certain padding check, which allows remote attackers to obtain sensitive cleartext information via a padding-oracle attack against an AES CBC...
K16863: Apache vulnerability CVE-2013-5704
Security Advisory Description The mod_headers module in the Apache HTTP Server 2.2.22 allows remote attackers to bypass "RequestHeader unset" directives by placing a header in the trailer portion of data sent with chunked transfer coding. NOTE: the vendor states "this is not a security issue in...
Intel CPU vulnerability CVE-2021-0091
Improper access control in the firmware for some Intel(R) Processors may allow an unauthenticated user to potentially enable an escalation of privilege via local access. CVE-2021-0091 Impact An attacker may be able to exploit the Intel processor firmware to gain elevated access to resources. The...
SOL17460 - OpenLDAP vulnerability CVE-2015-6908
Recommended Action If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are currently...
SOL16135 - OpenSSL vulnerability CVE-2015-0205
Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version...
SOL15605 - XML Entity Injection vulnerabilities CVE-2014-6032 and CVE-2014-6033
Vulnerability Recommended Actions If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not...
SOL14700 - BIG-IP APM clickjacking vulnerability
Note: This issue has been addressed in BIG-IP APM 11.3.0 and later through the use of the x-frame-options header in the Access Policy pages. Modifying a BIG-IP APM 11.3.0 or later system dB variable settings for apm.xframeoptions or apm.xframeoptions.allowfrom from their defaults may open the...
K25225860: Linux kernel vulnerabilities CVE-2019-6454, CVE-2020-12888, and CVE-2020-36385
Security Advisory Description CVE-2019-6454 An issue was discovered in sd-bus in systemd 239. bus_process_object() in libsystemd/sd-bus/bus-objects.c allocates a variable-length stack buffer for temporarily storing the object path of incoming D-Bus messages. An unprivileged local user can exploit thi...
K17263: OpenSSH vulnerabilities CVE-2015-6563 and CVE-2015-6564
Security Advisory Description CVE-2015-6563 The monitor component in sshd in OpenSSH before 7.0 on non-OpenBSD platforms accepts extraneous username data in MONITOR_REQ_PAM_INIT_CTX requests, which allows local users to conduct impersonation attacks by leveraging any SSH login access in conjunction...
K13184144: Apache Tomcat vulnerability CVE-2019-0221
Security Advisory Description The SSI printenv command in Apache Tomcat 9.0.0.M1 to 9.0.0.17, 8.5.0 to 8.5.39 and 7.0.0 to 7.0.93 echoes user provided data without escaping and is, therefore, vulnerable to XSS. SSI is disabled by default. The printenv command is intended for debugging and is...
K95275140: OS Kernel and SMM mode L1 Terminal Fault vulnerability CVE-2018-3620
Security Advisory Description Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a terminal page fault and a side-channel analysis...
K00334558: OpenSSL vulnerability CVE-2022-1473
Security Advisory Description The OPENSSL_LH_flush function, which empties a hash table, contains a bug that breaks reuse of the memory occupied by the removed hash table entries. This function is used when decoding certificates or keys. If a long lived process periodically decodes certificates or...
K32485746: OpenSSH vulnerability CVE-2016-10708
Security Advisory Description sshd in OpenSSH before 7.4 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence NEWKEYS message, as demonstrated by Honggfuzz, related to kex.c and packet.c. CVE-2016-10708 Impact This vulnerability...
K35040315: glibc vulnerability CVE-2016-10739
Security Advisory Description In the GNU C Library (aka glibc or libc6) through 2.28, the getaddrinfo function would successfully parse a string that contained an IPv4 address followed by whitespace and arbitrary characters, which could lead applications to incorrectly assume that it had parsed a...
SOL08039035 - MySQL vulnerability CVE-2015-4910
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
K000139353: aiohttp vulnerability CVE-2024-23334
Security Advisory Description aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. When using aiohttp as a web server and configuring static routes, it is necessary to specify the root path for static files. Additionally, the option 'follow_symlinks' can be used to...
K51663510: Apache Tomcat vulnerability CVE-2016-5388
Security Advisory Description Apache Tomcat through 8.5.4, when the CGI Servlet is enabled, follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect ...
K08152433: Intel processors MMIO stale data vulnerability CVE-2022-21166
Security Advisory Description Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. CVE-2022-21166 Impact Successful exploitation of this vulnerability can lead to...
K43700555: GNU C Library (glibc) vulnerability CVE-2021-33574
Security Advisory Description The mq_notify function in the GNU C Library (aka glibc) versions 2.32 and 2.33 has a use-after-free. It may use the notification thread attributes object passed through its struct sigevent parameter after it has been freed by the caller, leading to a denial of service...
K37603172: Samba vulnerabilities CVE-2015-5370 and CVE-2016-2118
Security Advisory Description CVE-2015-5370 Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not properly implement the DCE-RPC layer, which allows remote attackers to perform protocol-downgrade attacks, cause a denial of service application crash or CPU consumptio...
K23642330: Multiple WPA2 vulnerabilities (KRACK)
Security Advisory Description CVE-2017-13077 Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the pairwise key in the four-way handshake. CVE-2017-13078 Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the four-way handshake, allowing an...
K17315: SNMP vulnerability CVE-2014-3565
Security Advisory Description snmplib/mib.c in net-snmp 5.7.0 and earlier, when the -OQ option is used, allows remote attackers to cause a denial of service (snmptrapd crash) via a crafted SNMP trap message, which triggers a conversion to the variable type designated in the MIB file, as demonstrate...
K48131150: Linux kernel vulnerability CVE-2019-19065
Security Advisory Description A memory leak in the sdma_init() function in drivers/infiniband/hw/hfi1/sdma.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering rhashtable_init() failures, aka CID-34b3be18a04e. CVE-2019-19065 Impact There is n...
K43339432: Linux kernel vulnerability CVE-2017-17449
Security Advisory Description The __netlink_deliver_tap_skb function in net/netlink/af_netlink.c in the Linux kernel through 4.14.4, when CONFIG_NLMON is enabled, does not restrict observations of Netlink messages to a single net namespace, which allows local users to obtain sensitive information by...
K62201745: OpenSSH vulnerability CVE-2016-10012
Security Advisory Description The shared memory manager associated with pre-authentication compression in sshd in OpenSSH before 7.4 does not ensure that a bounds check is enforced by all compilers, which might allow local users to gain privileges by leveraging access to a sandboxed...
K16562029: Linux kernel vulnerability CVE-2016-3841
Security Advisory Description The IPv6 stack in the Linux kernel before 4.3.3 mishandles options data, which allows local users to gain privileges or cause a denial of service (use-after-free and system crash) via a crafted sendmsg system call. CVE-2016-3841 Impact There is no impact; F5 products ar...
K16470: Linux kernel vulnerability CVE-2002-0510
Security Advisory Description The UDP implementation in Linux 2.4.x kernels keeps the IP Identification field at 0 for all non-fragmented packets, which could allow remote attackers to determine that a target system is running Linux. CVE-2002-0510 Impact There is no impact; F5 products are not...
K34468163: Apache Tomcat vulnerability CVE-2018-8034
Security Advisory Description The host name verification when using TLS with the WebSocket client was missing. It is now enabled by default. Versions Affected: Apache Tomcat 9.0.0.M1 to 9.0.9, 8.5.0 to 8.5.31, 8.0.0.RC1 to 8.0.52, and 7.0.35 to 7.0.88. CVE-2018-8034 Impact A user on the local...
K55245232: GNU glibc vulnerability CVE-2014-9984
Security Advisory Description nscd in the GNU C Library (aka glibc or libc6) before version 2.20 does not correctly compute the size of an internal buffer when processing netgroup requests, possibly leading to an nscd daemon crash or code execution as the user running nscd. CVE-2014-9984 Impact The...