6392 matches found
K13993: Cross-site URL redirection attack vulnerability CVE-2009-4017
Security Advisory Description F5 FirePass SSL VPN contains a flaw that allows a remote cross-site redirection attack. This flaw exists because the application does not validate the refreshURL parameter upon submission to the my.activation.cns.php3 script. As a result, a user could create a URL...
K95343321: Linux kernel vulnerability CVE-2018-5390
Security Advisory Description Linux kernel versions 4.9+ can be forced to make very expensive calls to tcpcollapseofoqueue and tcppruneofoqueue for every incoming packet which can lead to a denial of service. CVE-2018-5390 also known as SegmentSmack Impact For products with vulnerable versions,...
K18657134: Linux kernel vulnerability CVE-2018-16871
Security Advisory Description A flaw was found in the Linux kernel's NFS implementation, all versions 3.x and all versions 4.x up to 4.20. An attacker, who is able to mount an exported NFS filesystem, is able to trigger a null pointer dereference by using an invalid NFS sequence. This can panic t...
K37661551: Unbound DNS Cache vulnerabilities CVE-2020-12662 and CVE-2020-12663
Security Advisory Description CVE-2020-12662 Unbound before 1.10.1 has Insufficient Control of Network Message Volume, aka an "NXNSAttack" issue. This is triggered by random subdomains in the NSDNAME in NS records. CVE-2020-12663 Unbound before 1.10.1 has an infinite loop via malformed DNS answer...
K04454621: Linux kernel vulnerability CVE-2020-25671
Security Advisory Description A vulnerability was found in Linux Kernel, where a refcount leak in llcpsockconnect causing use-after-free which might lead to privilege escalations. CVE-2020-25671 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Statu...
K41309988: FreeIPA vulnerability CVE-2016-5404
Security Advisory Description The certrevoke command in FreeIPA does not check for the "revoke certificate" permission, which allows remote authenticated users to revoke arbitrary certificates by leveraging the "retrieve certificate" permission. CVE-2016-5404 Impact There is no impact; F5 product...
K34303485: Microarchitectural Data Sampling Uncacheable Memory (MDSUM) CVE-2019-11091
Security Advisory Description Microarchitectural Data Sampling Uncacheable Memory MDSUM: Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. CVE-2019-11091...
K59313410: OpenSSL vulnerability CVE-2022-2274
Security Advisory Description The OpenSSL 3.0.4 release introduced a serious bug in the RSA implementation for X8664 CPUs supporting the AVX512IFMA instructions. This issue makes the RSA implementation with 2048 bit private keys incorrect on such machines and memory corruption will happen during...
K16909: BIND vulnerability CVE-2015-5477
Security Advisory Description An error in the handling of TKEY queries can be exploited by an attacker for use as a denial-of-service vector, as a constructed packet can use the defect to trigger a REQUIRE assertion failure, causing BIND to exit. CVE-2015-5477 Impact A remote attacker may be able...
K37526132: OpenSSL vulnerability CVE-2017-3731
Security Advisory Description If an SSL/TLS server or client is running on a 32-bit host, and a specific cipher is being used, then a truncated packet can cause that server or client to perform an out-of-bounds read, usually resulting in a crash. For OpenSSL 1.1.0, the crash can be triggered when...
K11853211: Multiple Linux kernel vulnerabilities
Security Advisory Description CVE-2015-1339 Memory leak in the cusechannelrelease function in fs/fuse/cuse.c in the Linux kernel before 4.4 allows local users to cause a denial of service memory consumption or possibly have unspecified other impact by opening /dev/cuse many times. CVE-2016-2384...
K04481502: Ghostscript vulnerability CVE-2021-3781
Security Advisory Description A trivial sandbox enabled with the -dSAFER option escape flaw was found in the ghostscript interpreter by injecting a specially crafted pipe command. This flaw allows a specially crafted document to execute arbitrary commands on the system in the context of the...
K15168792: Apache Struts 2 vulnerability CVE-2016-4438
Security Advisory Description The REST plugin in Apache Struts 2 2.3.20 through 2.3.28.1 allows remote attackers to execute arbitrary code via a crafted expression. CVE-2016-4438 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Product...
K41320158: Apache vulnerability CVE-2021-26690
Security Advisory Description Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Cookie header handled by modsession can cause a NULL pointer dereference and crash, leading to a possible Denial Of Service CVE-2021-26690 Impact There is no impact; F5 products are not affected by this...
K51100910: rpcbind vulnerabilities CVE-2017-8779 and CVE-2017-8804
Security Advisory Description CVE-2017-8779 rpcbind through 0.2.4, LIBTIRPC through 1.0.1 and 1.0.2-rc through 1.0.2-rc3, and NTIRPC through 1.4.3 do not consider the maximum RPC data size during memory allocation for XDR strings, which allows remote attackers to cause a denial of service memory...
K40508224: Perl vulnerability CVE-2020-10878
Security Advisory Description Perl before 5.30.3 has an integer overflow related to mishandling of a "PLregkindOPn == NOTHING" situation. A crafted regular expression could lead to malformed bytecode with a possibility of instruction injection. CVE-2020-10878 Impact An attacker may be able to...
SOL90492697 - OpenSSL vulnerability CVE-2016-6306
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL30971148 - Apache Tomcat 6.x vulnerabilities CVE-2015-5174, CVE-2015-5345, CVE-2016-0706, and CVE-2016-0714
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL05428062 - pcregrep in PCRE vulnerability CVE-2015-8393
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL33209124 - OpenSSL vulnerability CVE-2015-3197
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL17382 - OpenSSL vulnerability CVE-2010-4252
Vulnerability Recommended Actions If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not...
SOL15623 - GnuTLS vulnerability CVE-2009-5138
Recommended Action For affected ARX systems, F5 recommends that you expose the management interface only on trusted networks. Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents. SOL4602:...
SOL2379 - Klima-Pokorny-Rosa attack on RSA vulnerability CAN-2003-0131
F5 Product Development tracked this issue and it was fixed in BIG-IP and 3-DNS versions 4.5.11 and 4.6.2...
K000139141: liblzma vulnerability CVE-2024-3094
Security Advisory Description Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which is then used t...
K19820866: Linux kernel vulnerability CVE-2018-7492
Security Advisory Description A NULL pointer dereference was found in the net/rds/rdma.c rdsrdmamap function in the Linux kernel before 4.14.7 allowing local attackers to cause a system panic and a denial-of-service, related to RDSGETMR and RDSGETMRFORDEST. CVE-2018-7492 Impact There is no impact...
K87351324: Intel BIOS vulnerability CVE-2021-33124
Security Advisory Description Out-of-bounds write in the BIOS authenticated code module for some IntelR Processors may allow a privileged user to potentially enable escalation of privilege via local access. CVE-2021-33124 Impact A local attacker logged in as a privileged user can exploit the...
K84301413: CUPS vulnerability CVE-2017-18190
Security Advisory Description A localhost.localdomain whitelist entry in validhost in scheduler/client.c in CUPS before 2.2.2 allows remote attackers to execute arbitrary IPP commands by sending POST requests to the CUPS daemon in conjunction with DNS rebinding. The localhost.localdomain name is...
K61974123: ImageMagick vulnerability CVE-2016-3718
Security Advisory Description The 1 HTTP and 2 FTP coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to conduct server-side request forgery SSRF attacks via a crafted image. CVE-2016-3718 Note : This vulnerability is one of the series of vulnerabilities known as...
K35239571: PHP vulnerability CVE-2015-3329
Security Advisory Description Multiple stack-based buffer overflows in the pharsetinode function in pharinternal.h in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allow remote attackers to execute arbitrary code via a crafted length value in a 1 tar, 2 phar, or 3 ZIP archive...
K21418431: PHP vulnerability CVE-2020-7059
Security Advisory Description When using fgetss function to read data with stripping tags, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below 7.4.2 it is possible to supply data that will cause this function to read past the allocated buffer. This may lead to information...
K32305110: mod_session vulnerability CVE-2021-26691
Security Advisory Description In Apache HTTP Server versions 2.4.0 to 2.4.46 a specially crafted SessionHeader sent by an origin server could cause a heap overflow CVE-2021-26691 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Product...
K78825687: Python and Jython vulnerability CVE-2014-7185
Security Advisory Description Integer overflow in bufferobject.c in Python before 2.7.8 allows context-dependent attackers to obtain sensitive information from process memory via a large size and offset in a "buffer" function. CVE-2014-7185 Impact An attacker that is able to control arguments in...
K85742355: Java SE vulnerability CVE-2020-14577
Security Advisory Description Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: JSSE. Supported versions that are affected are Java SE: 7u261, 8u251, 11.0.7 and 14.0.1; Java SE Embedded: 8u251. Difficult to exploit vulnerability allows unauthenticated attacker wi...
K32525759: Linux kernel vulnerability CVE-2021-3489
Security Advisory Description The eBPF RINGBUF bpfringbufreserve function in the Linux kernel did not check that the allocated size was smaller than the ringbuf size, allowing an attacker to perform out-of-bounds writes within the kernel and therefore, arbitrary code execution. This issue was fix...
K42941419: Multiple Qt vulnerabilities
Security Advisory Description CVE-2018-15518 QXmlStream in Qt 5.x before 5.11.3 has a double-free or corruption during parsing of a specially crafted illegal XML document. CVE-2018-19869 An issue was discovered in Qt before 5.11.3. A malformed SVG image causes a segmentation fault in...
K31739796: Linux kernel vulnerability CVE-2019-8912
Security Advisory Description In the Linux kernel through 4.20.11, afalgrelease in crypto/afalg.c neglects to set a NULL value for a certain structure member, which leads to a use-after-free in sockfssetattr. CVE-2019-8912 Impact There is no impact; F5 products are not affected by this...
K14102355: Python Pillow vulnerability CVE-2021-25289
Security Advisory Description An issue was discovered in Pillow before 8.1.1. TiffDecode has a heap-based buffer overflow when decoding crafted YCbCr files because of certain interpretation conflicts with LibTIFF in RGBA mode. NOTE: this issue exists because of an incomplete fix for CVE-2020-3565...
K03310902: Multiple Linux vulnerabilities CVE-2020-8647,CVE-2020-8648, CVE-2020-8649
Security Advisory Description CVE-2020-8647 There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the vcdoresize function in drivers/tty/vt/vt.c. CVE-2020-8648 There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the nttyreceivebufcommon function in...
K70675920: August 2018 Intel security vulnerability announcement
Security Advisory Description On 14-Aug-2018, Intel announced the discovery of the following vulnerabilities: CVE-2018-3615 Foreshadow CVE-2018-3620 Foreshadow-NG CVE-2018-3646 Foreshadow-NG For the complete announcement from Intel, refer to the following link: Note : The following link takes you...
SOL44611310 - MySQL vulnerability CVE-2015-0411
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL00329831 - Multiple NTP vulnerabilities CVE-2015-8139 and CVE-2015-8140
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL12824341 - OpenSSL vulnerability CVE-2015-3195
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL17246 - Linux kernel vulnerability CVE-2015-3636
Vulnerability Recommended Actions If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not...
SOL16965 - bzip2 vulnerabilities CVE-2005-0953 and CVE-2005-1260
Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL995...
SOL16863 - Apache vulnerability CVE-2013-5704
Vulnerability Recommended Actions If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not...
SOL15864 - libxml vulnerabilities CVE-2009-2414 and CVE-2009-2416
Recommended action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the table does not list any version in the column, then no upgrade candidate currently exists. Supplemental...
SOL15679 - UEFI EDK2 Capsule Update vulnerabilities CVE-2014-4859 / CVE-2014-4860
Recommended action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5 critical issue...
SOL15295 - OpenSSL vulnerability CVE-2014-0076
Vulnerability Recommended Actions If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the table does not list any version in the column, then no upgrade candidate currently exists...
SOL14969 - BIG-IP Edge and FirePass client information leakage vulnerability CVE-2013-6024
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL14382 - OpenSSH vulnerability CVE-2008-3259
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy...