6392 matches found
K40293611: Oracle Java SE vulnerability CVE-2022-21349
Security Advisory Description Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: 2D. Supported versions that are affected are Oracle Java SE: 7u321, 8u311; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerabili...
K73705133: Bash vulnerability CVE-2016-7543
Security Advisory Description Bash before 4.4 allows local users to execute arbitrary commands with root privileges via crafted SHELLOPTS and PS4 environment variables. CVE-2016-7543 Impact BIG-IP, F5 iWorkflow, BIG-IQ, and Enterprise Manager Impact is minimal for BIG-IP, iWorkflow, BIG-IQ, and...
K17503: PHP vulnerabilities CVE-2015-7803 and CVE-2015-7804
Security Advisory Description CVE-2015-7803 A NULL pointer dereference flaw was found in the way PHP's Phar extension parsed Phar archives. A specially crafted archive could cause PHP to crash. CVE-2015-7804 An uninitialized pointer use flaw was found in the pharmakedirstream function of PHP's Ph...
K000132230: Java SE vulnerability CVE-2023-21835
Security Advisory Description Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java SE: 11.0.17, 17.0.5, 19.0.1; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 and 22.3.0. Easily...
K52322100: Authenticated F5 BIG-IP Guided Configuration integrity check in Appliance mode vulnerability CVE-2022-25946
Security Advisory Description When running in Appliance mode, an authenticated attacker with Administrator role privileges may be able to bypass Appliance mode restrictions due to a missing integrity check in F5 BIG-IP Guided Configuration. CVE-2022-25946 Impact In Appliance mode, an authenticate...
SOL52430518 - PHP vulnerability CVE-2016-6289
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL35239571 - PHP vulnerability CVE-2015-3329
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL74954302 - PHP vulnerability CVE-2016-2554
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL71245322 - NTP vulnerability CVE-2015-8138
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL17315 - SNMP vulnerability CVE-2014-3565
Vulnerability Recommended Actions If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not...
SOL17242 - Linux kernel SCTP vulnerability CVE-2015-1421
Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. The BIG-IP/BIG-IQ/Enterprise Manager software contains vulnerable code SCTP kernel module, but the code is not enabled by...
SOL17136 - Java and JRockit vulnerabilities CVE-2015-0478 and CVE-2015-0488
Vulnerability Recommended Actions If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not...
SOL16946 - Boost memory allocator vulnerability CVE-2012-2677
Vulnerability Recommended Actions If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not...
SOL15899 - Multiple Apache vulnerabilities CVE-2012-4558, CVE-2012-0883, CVE-2011-3348, and CVE-2010-1452
Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the table does not list any version in the column, then no upgrade candidate currently exists. To mitigate this...
SOL15320 - Apache vulnerability CVE-2014-0098
Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the table does not list any version in the column, then no upgrade candidate currently exists. ARX To mitigate th...
SOL13719 - Samba vulnerability CVE-2012-1182
Vulnerability Recommended Actions None Supplemental Information CVE-2012-1182 Note: The previous link takes you to a resource outside of AskF5, and it is possible that the information may be removed without our knowledge. SOL9970: Subscribing to email notifications regarding F5 products SOL9957:...
SOL13519 - Multiple PHP vulnerabilities
Vulnerability Recommended Actions To mitigate this vulnerability, expose the administrative interface only on trusted networks and limit login access to trusted users. Impact of action: None. Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957:...
K000138895: BIND vulnerability CVE-2023-5679
Security Advisory Description A bad interaction between DNS64 and serve-stale may cause named to crash with an assertion failure during recursive resolution, when both of these features are enabled. This issue affects BIND 9 versions 9.16.12 through 9.16.45, 9.18.0 through 9.18.21, 9.19.0 through...
K97324400: OpenSSL vulnerability CVE-2019-1563
Security Advisory Description In situations where an attacker receives automated notification of the success or failure of a decryption attempt an attacker, after sending a very large number of messages to be decrypted, can recover a CMS/PKCS7 transported encryption key or decrypt any RSA encrypt...
K73422160: OpenSSL vulnerability CVE-2019-1547
Security Advisory Description Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in some cases, it is possible to construct a group using explicit parameters instead of using a named curve. In those cases it is possible th...
K22141757: Artifex Ghostscript vulnerabilities CVE-2018-18284, CVE-2018-15910, CVE-2018-15911, and CVE-2018-16513
Security Advisory Description CVE-2018-18284 Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving the 1Policy operator. CVE-2018-15910 In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use a...
K63404203: Oracle Java SE vulnerability CVE-2018-11212
Security Advisory Description An issue was discovered in libjpeg 9a. The allocsarray function in jmemmgr.c allows remote attackers to cause a denial of service divide-by-zero error via a crafted file. CVE-2018-11212 Impact Traffix SDC An attacker can exploit this vulnerability to cause a denial o...
K16531: Linux kernel vulnerability CVE-2014-4027
Security Advisory Description The rdbuilddevicespace function in drivers/target/targetcorerd.c in the Linux kernel before 3.14 does not properly initialize a certain data structure, which allows local users to obtain sensitive information from ramdiskmcp memory by leveraging access to a SCSI...
K01043241: Linux kernel vulnerability CVE-2017-17448
Security Advisory Description net/netfilter/nfnetlinkcthelper.c in the Linux kernel through 4.14.4 does not require the CAPNETADMIN capability for new, get, and del operations, which allows local users to bypass intended access restrictions because the nfnlcthelperlist data structure is shared...
K07020416: Linux kernel vulnerability CVE-2017-18344
Security Advisory Description The timercreate syscall implementation in kernel/time/posix-timers.c in the Linux kernel before 4.14.8 doesn't properly validate the sigevent-sigevnotify field, which leads to out-of-bounds access in the showtimer function called when /proc/$PID/timers is read. This...
K52510511: Advanced WAF/ASM buffer-overflow vulnerability CVE-2021-22992
Security Advisory Description A malicious HTTP response to an Advanced WAF/ASM virtual server with Login Page configured in its policy may trigger a buffer overflow, resulting in a DoS attack. In certain situations, it may allow remote code execution RCE, leading to complete system compromise...
K75133288: Linux kernel vulnerability CVE-2021-33909
Security Advisory Description fs/seqfile.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an unprivileged user, aka CID-8cae8cd89f05. CVE-2021-33909 Impact...
K61294700: Linux kernel vulnerability CVE-2020-27777
Security Advisory Description A flaw was found in the way RTAS handled memory accesses in userspace to kernel communication. On a locked down usually due to Secure Boot guest system running on top of PowerVM or KVM hypervisors pseries platform a root like local user could use this flaw to further...
K43638305: BIG-IP TMUI XSS vulnerability CVE-2020-5903
Security Advisory Description A Cross-Site Scripting XSS vulnerability exists in an undisclosed page of the BIG-IP Configuration utility. CVE-2020-5903 Impact An attacker can exploit this vulnerability to run JavaScript in the context of the currently logged-in user. In the case of an...
K65460334: Expat XML parser vulnerability CVE-2012-6702
Security Advisory Description Expat, when used in a parser that has not called XMLSetHashSalt or passed it a seed of 0, makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms via vectors involving use of the srand function. CVE-2012-6702 Impact An attacker m...
K83043359: Apache HTTPD vulnerability CVE-2017-3169
Security Advisory Description In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, modssl may dereference a NULL pointer when third-party modules call aphookprocessconnection during an HTTP request to an HTTPS port. CVE-2017-3169 Impact When the vulnerability is exploited, the Apachehttpd...
K23702520: Linux kernel Vulnerability CVE-2020-25672
Security Advisory Description A memory leak vulnerability was found in Linux kernel in llcpsockconnect CVE-2020-25672 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Product Development has evaluated the currently supported releases for...
K15518610: Multiple OpenJDK vulnerabilities
Security Advisory Description CVE-2016-5546 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Libraries. Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Easily exploitable...
K22322802: Grafana vulnerability CVE-2021-39226
Security Advisory Description Grafana is an open source data visualization platform. In affected versions unauthenticated and authenticated users are able to view the snapshot with the lowest database key by accessing the literal paths: /dashboard/snapshot/:key, or /api/snapshots/:key. If the...
K31026324: Linux kernel vulnerabilities CVE-2015-2925, CVE-2015-5307, and CVE-2015-8104
Security Advisory Description CVE-2015-2925 The prependpath function in fs/dcache.c in the Linux kernel before 4.2.4 does not properly handle rename actions inside a bind mount, which allows local users to bypass an intended container protection mechanism by renaming a directory, related to a...
SOL11853211 - Multiple Linux kernel vulnerabilities
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL51920288 - OpenSSL vulnerability CVE-2016-2105
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL17173 - OpenJDK vulnerability CVE-2015-4760
Vulnerability Recommended Actions If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not...
SOL15894 - Apache vulnerabilities CVE-2012-4557 and CVE-2012-0021
Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5 critical issue...
SOL14909 - OpenSSL vulnerability CVE-2013-4248
Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents. SOL4602: Overview of the F5 security vulnerability response policy...
SOL13588 - PHP vulnerability CVE-2011-4885
Recommended action BIG-IP To mitigate this vulnerability, expose the administrative interface only on trusted networks and limit login access to trusted users. FirePass For information about hotfix status, contact F5 Technical Support. Supplemental Information CVE-2011-4885 SOL9970: Subscribing t...
SOL6878 - Apache Rewrite module (mod_rewrite) vulnerabilities CVE-2006-3747
This security advisory describes an off-by-one error, which means the bits are shifted to the left or the right by one value, in the LDAP scheme handling of the Apache Rewrite module. The vulnerability within the Apache Rewrite module allows remote attackers to cause a Denial of Service attack or...
K000138744: BIG-IP APM browser network access VPN client vulnerability CVE-2024-28883
Security Advisory Description An origin validation vulnerability exists in the BIG-IP APM browser network access VPN client, which may allow an attacker to bypass F5 endpoint inspection. CVE-2024-28883 Impact A remote unauthenticated attacker with a man-in-the-middle MITM position may exploit thi...
K000138990: BIND vulnerability CVE-2023-4408
Security Advisory Description The DNS message parsing code in named includes a section whose computational complexity is overly high. It does not cause problems for typical DNS traffic, but crafted queries and responses may cause excessive CPU load on the affected named instance by exploiting thi...
K18407453: Glib vulnerabilities CVE-2018-10767, CVE-2019-12450, and CVE-2019-19126
Security Advisory Description CVE-2018-10767 There is a stack-based buffer over-read in calling GLib in the function gxpsimagesguesscontenttype of gxps-images.c in libgxps through 0.3.0 because it does not reject negative return values from a ginputstreamread call. A crafted input will lead to a...
K15680: Linux kernel vulnerabilities CVE-2014-3917, CVE-2014-0205 and CVE-2014-4667
Security Advisory Description Description CVE-2014-3917 kernel/auditsc.c in the Linux kernel through 3.14.5, when CONFIGAUDITSYSCALL is enabled with certain syscall rules, allows local users to obtain potentially sensitive single-bit values from kernel memory or cause a denial of service OOPS via...
K94700053: Intel AMT vulnerability CVE-2017-5689
Security Advisory Description An unprivileged network attacker could gain system privileges to provisioned Intel manageability SKUs: Intel Active Management Technology AMT and Intel Standard Manageability ISM. An unprivileged local attacker could provision manageability features gaining...
K46444421: Linux Kernel Vulnerability CVE-2019-9458
Security Advisory Description In the Android kernel in the video driver there is a use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. CVE-2019-9458 Impact There i...
K15899: Multiple Apache vulnerabilities CVE-2012-4558, CVE-2012-0883, CVE-2011-3348, and CVE-2010-1452
Security Advisory Description CVE-2010-1452 The 1 modcache and 2 moddav modules in the Apache HTTP Server 2.2.x before 2.2.16 allow remote attackers to cause a denial of service process crash via a request that lacks a path. CVE-2011-3348 The modproxyajp module in the Apache HTTP Server before...
K13993: Cross-site URL redirection attack vulnerability CVE-2009-4017
Security Advisory Description F5 FirePass SSL VPN contains a flaw that allows a remote cross-site redirection attack. This flaw exists because the application does not validate the refreshURL parameter upon submission to the my.activation.cns.php3 script. As a result, a user could create a URL...