K53146535: Multiple Sun Java vulnerabilities

Security Advisory Description CVE-2013-5870 Unspecified vulnerability in Oracle Java SE 7u45 and JavaFX 2.2.45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to JavaFX. CVE-2013-5878 Unspecified vulnerability in Oracle Java SE 6u65 and...

K19820866: Linux kernel vulnerability CVE-2018-7492

Security Advisory Description A NULL pointer dereference was found in the net/rds/rdma.c rdsrdmamap function in the Linux kernel before 4.14.7 allowing local attackers to cause a system panic and a denial-of-service, related to RDSGETMR and RDSGETMRFORDEST. CVE-2018-7492 Impact There is no impact...

K15680: Linux kernel vulnerabilities CVE-2014-3917, CVE-2014-0205 and CVE-2014-4667

Security Advisory Description Description CVE-2014-3917 kernel/auditsc.c in the Linux kernel through 3.14.5, when CONFIGAUDITSYSCALL is enabled with certain syscall rules, allows local users to obtain potentially sensitive single-bit values from kernel memory or cause a denial of service OOPS via...

K55136511: Java SE vulnerabilities CVE-2019-2978 and CVE-2019-2989

Security Advisory Description CVE-2019-2978 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Networking. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows...

K84301413: CUPS vulnerability CVE-2017-18190

Security Advisory Description A localhost.localdomain whitelist entry in validhost in scheduler/client.c in CUPS before 2.2.2 allows remote attackers to execute arbitrary IPP commands by sending POST requests to the CUPS daemon in conjunction with DNS rebinding. The localhost.localdomain name is...

K61974123: ImageMagick vulnerability CVE-2016-3718

Security Advisory Description The 1 HTTP and 2 FTP coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to conduct server-side request forgery SSRF attacks via a crafted image. CVE-2016-3718 Note : This vulnerability is one of the series of vulnerabilities known as...

K01043241: Linux kernel vulnerability CVE-2017-17448

Security Advisory Description net/netfilter/nfnetlinkcthelper.c in the Linux kernel through 4.14.4 does not require the CAPNETADMIN capability for new, get, and del operations, which allows local users to bypass intended access restrictions because the nfnlcthelperlist data structure is shared...

K21418431: PHP vulnerability CVE-2020-7059

Security Advisory Description When using fgetss function to read data with stripping tags, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below 7.4.2 it is possible to supply data that will cause this function to read past the allocated buffer. This may lead to information...

K61294700: Linux kernel vulnerability CVE-2020-27777

Security Advisory Description A flaw was found in the way RTAS handled memory accesses in userspace to kernel communication. On a locked down usually due to Secure Boot guest system running on top of PowerVM or KVM hypervisors pseries platform a root like local user could use this flaw to further...

K04454621: Linux kernel vulnerability CVE-2020-25671

Security Advisory Description A vulnerability was found in Linux Kernel, where a refcount leak in llcpsockconnect causing use-after-free which might lead to privilege escalations. CVE-2020-25671 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Statu...

K55102004: BIG-IP Edge Client for Windows vulnerability CVE-2020-5855

Security Advisory Description When the Windows Logon Integration feature is configured for BIG-IP Edge Client, unauthorized users who have physical access to an authorized user's machine can get shell access under unprivileged user. CVE-2020-5855 Impact Attackers may be able to bypass...

K32305110: mod_session vulnerability CVE-2021-26691

Security Advisory Description In Apache HTTP Server versions 2.4.0 to 2.4.46 a specially crafted SessionHeader sent by an origin server could cause a heap overflow CVE-2021-26691 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Product...

K78825687: Python and Jython vulnerability CVE-2014-7185

Security Advisory Description Integer overflow in bufferobject.c in Python before 2.7.8 allows context-dependent attackers to obtain sensitive information from process memory via a large size and offset in a "buffer" function. CVE-2014-7185 Impact An attacker that is able to control arguments in...

K16909: BIND vulnerability CVE-2015-5477

Security Advisory Description An error in the handling of TKEY queries can be exploited by an attacker for use as a denial-of-service vector, as a constructed packet can use the defect to trigger a REQUIRE assertion failure, causing BIND to exit. CVE-2015-5477 Impact A remote attacker may be able...

K83043359: Apache HTTPD vulnerability CVE-2017-3169

Security Advisory Description In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, modssl may dereference a NULL pointer when third-party modules call aphookprocessconnection during an HTTP request to an HTTPS port. CVE-2017-3169 Impact When the vulnerability is exploited, the Apachehttpd...

K37526132: OpenSSL vulnerability CVE-2017-3731

Security Advisory Description If an SSL/TLS server or client is running on a 32-bit host, and a specific cipher is being used, then a truncated packet can cause that server or client to perform an out-of-bounds read, usually resulting in a crash. For OpenSSL 1.1.0, the crash can be triggered when...

K11853211: Multiple Linux kernel vulnerabilities

Security Advisory Description CVE-2015-1339 Memory leak in the cusechannelrelease function in fs/fuse/cuse.c in the Linux kernel before 4.4 allows local users to cause a denial of service memory consumption or possibly have unspecified other impact by opening /dev/cuse many times. CVE-2016-2384...

K85742355: Java SE vulnerability CVE-2020-14577

Security Advisory Description Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: JSSE. Supported versions that are affected are Java SE: 7u261, 8u251, 11.0.7 and 14.0.1; Java SE Embedded: 8u251. Difficult to exploit vulnerability allows unauthenticated attacker wi...

K75521602: MySQL vulnerability CVE-2022-21444

Security Advisory Description Vulnerability in the MySQL Server product of Oracle MySQL component: Server: DDL. Supported versions that are affected are 5.7.37 and prior and 8.0.28 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple...

K31739796: Linux kernel vulnerability CVE-2019-8912

Security Advisory Description In the Linux kernel through 4.20.11, afalgrelease in crypto/afalg.c neglects to set a NULL value for a certain structure member, which leads to a use-after-free in sockfssetattr. CVE-2019-8912 Impact There is no impact; F5 products are not affected by this...

K15168792: Apache Struts 2 vulnerability CVE-2016-4438

Security Advisory Description The REST plugin in Apache Struts 2 2.3.20 through 2.3.28.1 allows remote attackers to execute arbitrary code via a crafted expression. CVE-2016-4438 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Product...

K52379673: Linux kernel vulnerability for CVE-2021-4083

Security Advisory Description A read-after-free memory flaw was found in the Linux kernel's garbage collection for Unix domain socket file handlers in the way users call close and fget simultaneously and can potentially trigger a race condition. This flaw allows a local user to crash the system o...

K23702520: Linux kernel Vulnerability CVE-2020-25672

Security Advisory Description A memory leak vulnerability was found in Linux kernel in llcpsockconnect CVE-2020-25672 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Product Development has evaluated the currently supported releases for...

K22322802: Grafana vulnerability CVE-2021-39226

Security Advisory Description Grafana is an open source data visualization platform. In affected versions unauthenticated and authenticated users are able to view the snapshot with the lowest database key by accessing the literal paths: /dashboard/snapshot/:key, or /api/snapshots/:key. If the...

K40508224: Perl vulnerability CVE-2020-10878

Security Advisory Description Perl before 5.30.3 has an integer overflow related to mishandling of a "PLregkindOPn == NOTHING" situation. A crafted regular expression could lead to malformed bytecode with a possibility of instruction injection. CVE-2020-10878 Impact An attacker may be able to...

SOL44611310 - MySQL vulnerability CVE-2015-0411

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

SOL00329831 - Multiple NTP vulnerabilities CVE-2015-8139 and CVE-2015-8140

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

SOL12824341 - OpenSSL vulnerability CVE-2015-3195

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

SOL17169 - Java vulnerability CVE-2015-2625

While the vulnerable software components exist, they are not used in a way that exposes this vulnerability. There are no remote access vectors for this issue and no data plane exposure on F5 products; this vulnerability is considered low severity. Vulnerability Recommended Actions If the previous...

SOL16938 - OpenSSL vulnerability CVE-2015-1788

The Client Authentication setting of "ignore" does not expose the vulnerability. BIG-IP Edge Client-initiated connections are vulnerable only when connecting to a malicious server that is representing itself as a BIG-IP APM system. iOS devices using the BIG-IP Edge Client 2.0.5 or 2.0.6 are...

SOL16863 - Apache vulnerability CVE-2013-5704

Vulnerability Recommended Actions If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not...

SOL16349 - Linux kernel vulnerability CVE-2009-0676

Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5 critical issue...

SOL15894 - Apache vulnerabilities CVE-2012-4557 and CVE-2012-0021

Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5 critical issue...

SOL15638 - Python vulnerability CVE-2013-4238

Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents. SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5 critical issue...

SOL14969 - BIG-IP Edge and FirePass client information leakage vulnerability CVE-2013-6024

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

SOL14382 - OpenSSH vulnerability CVE-2008-3259

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy...

K80557033: Linux kernel vulnerability CVE-2018-16882

Security Advisory Description A use-after-free issue was found in the way the Linux kernel's KVM hypervisor processed posted interrupts when nested=1 virtualization is enabled. In nestedgetvmcs12pages, in case of an error while processing posted interrupt address, it unmaps the 'pidescpage' witho...

K45810018: Multiple Insyde BIOS/EFI vulnerabilities

Security Advisory Description CVE-2020-5953 A vulnerability exists in System Management Interrupt SWSMI handler of InsydeH2O UEFI Firmware code located in SWSMI handler that dereferences gRT EFIRUNTIMESERVICES pointer to call a GetVariable service, which is located outside of SMRAM. This can resu...

K77326807: BIND vulnerability CVE-2021-25219

Security Advisory Description In BIND 9.3.0 - 9.11.35, 9.12.0 - 9.16.21, and versions 9.9.3-S1 - 9.11.35-S1 and 9.16.8-S1 - 9.16.21-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 - 9.17.18 of the BIND 9.17 development branch, exploitation of broken authoritative servers...

K18407453: Glib vulnerabilities CVE-2018-10767, CVE-2019-12450, and CVE-2019-19126

Security Advisory Description CVE-2018-10767 There is a stack-based buffer over-read in calling GLib in the function gxpsimagesguesscontenttype of gxps-images.c in libgxps through 0.3.0 because it does not reject negative return values from a ginputstreamread call. A crafted input will lead to a...

K02553911: Java vulnerabilities CVE-2020-14556, CVE-2020-14583, and CVE-2020-14664

Security Advisory Description CVE-2020-14556 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 8u251, 11.0.7 and 14.0.1; Java SE Embedded: 8u251. Difficult to exploit vulnerability allows unauthenticate...

K14613: BIND vulnerability CVE-2013-4854

Security Advisory Description The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial-of-service DoS through a query with a...

K95343321: Linux kernel vulnerability CVE-2018-5390

Security Advisory Description Linux kernel versions 4.9+ can be forced to make very expensive calls to tcpcollapseofoqueue and tcppruneofoqueue for every incoming packet which can lead to a denial of service. CVE-2018-5390 also known as SegmentSmack Impact For products with vulnerable versions,...

K61367237: BIG-IP HTTP/3 QUIC vulnerability CVE-2020-5859

Security Advisory Description Specially formatted HTTP/3 messages may cause the Traffic Management Microkernel TMM to produce a core file. CVE-2020-5859 Impact TMM may restart and temporarily fail to process traffic on BIG-IP hosts with the HTTP/3 QUIC profile configured. High availability HA...

K86783800: LibTIFF vulnerability CVE-2016-3945

Security Advisory Description Multiple integer overflows in the 1 cvtbystrip and 2 cvtbytile functions in the tiff2rgba tool in LibTIFF 4.0.6 and earlier, when -b mode is enabled, allow remote attackers to cause a denial of service crash or execute arbitrary code via a crafted TIFF image, which...

K32780121: Linux kernel vulnerability CVE-2019-20095

Security Advisory Description mwifiextmcmd in drivers/net/wireless/marvell/mwifiex/cfg80211.c in the Linux kernel before 5.1.6 has some error-handling cases that did not free allocated hostcmd memory, aka CID-003b686ace82. This will cause a memory leak and denial of service. CVE-2019-20095 Impact...

K61223103: Linux kernel vulnerability CVE-2017-9074

Security Advisory Description The IPv6 fragmentation implementation in the Linux kernel through 4.11.1 does not consider that the nexthdr field may be associated with an invalid option, which allows local users to cause a denial of service out-of-bounds read and BUG or possibly have unspecified...

K42941419: Multiple Qt vulnerabilities

Security Advisory Description CVE-2018-15518 QXmlStream in Qt 5.x before 5.11.3 has a double-free or corruption during parsing of a specially crafted illegal XML document. CVE-2018-19869 An issue was discovered in Qt before 5.11.3. A malformed SVG image causes a segmentation fault in...

K92969318: Linux kernel vulnerabilities CVE-2019-19061 CVE-2019-19077 CVE-2019-19078 CVE-2019-19080 CVE-2019-19082

Security Advisory Description CVE-2019-19061 A memory leak in the adisupdatescanmodeburst function in drivers/iio/imu/adisbuffer.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service memory consumption, aka CID-9c0530e898f3. CVE-2019-19077 A memory leak in the...

K14102355: Python Pillow vulnerability CVE-2021-25289

Security Advisory Description An issue was discovered in Pillow before 8.1.1. TiffDecode has a heap-based buffer overflow when decoding crafted YCbCr files because of certain interpretation conflicts with LibTIFF in RGBA mode. NOTE: this issue exists because of an incomplete fix for CVE-2020-3565...