6392 matches found
K000139558: Node.js vulnerabilities CVE-2023-46809, CVE-2024-21892, and CVE-2024-22019
Security Advisory Description CVE-2023-46809 Node.js versions which bundle an unpatched version of OpenSSL or run against a dynamically linked version of OpenSSL which are unpatched are vulnerable to the Marvin Attack - https://people.redhat.com/hkario/marvin/, if PCKS 1 v1.5 padding is allowed...
K11342432: BIG-IP HTTP non-RFC-compliant security exposure
Security Advisory Description This issue occurs when a non-RFC-compliant HTTP request is received by a virtual server on a system matching one of the following conditions: BIG-IP 15.1.0 and later version with a virtual server with an HTTP profile with Enforce RFC Compliance enabled. All supported...
K000139447: Apache httpd vulnerability CVE-2024-24795
Security Advisory Description HTTP Response splitting in multiple modules in Apache HTTP Server allows an attacker that can inject malicious response headers into backend applications to cause an HTTP desynchronization attack. Users are recommended to upgrade to version 2.4.59, which fixes this...
K68852819: Linux kernel vulnerability CVE-2016-10200
Security Advisory Description Race condition in the L2TPv3 IP Encapsulation feature in the Linux kernel before 4.8.14 allows local users to gain privileges or cause a denial of service use-after-free by making multiple bind system calls without properly ascertaining whether a socket has the...
K53146535: Multiple Sun Java vulnerabilities
Security Advisory Description CVE-2013-5870 Unspecified vulnerability in Oracle Java SE 7u45 and JavaFX 2.2.45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to JavaFX. CVE-2013-5878 Unspecified vulnerability in Oracle Java SE 6u65 and...
K80557033: Linux kernel vulnerability CVE-2018-16882
Security Advisory Description A use-after-free issue was found in the way the Linux kernel's KVM hypervisor processed posted interrupts when nested=1 virtualization is enabled. In nestedgetvmcs12pages, in case of an error while processing posted interrupt address, it unmaps the 'pidescpage' witho...
K45810018: Multiple Insyde BIOS/EFI vulnerabilities
Security Advisory Description CVE-2020-5953 A vulnerability exists in System Management Interrupt SWSMI handler of InsydeH2O UEFI Firmware code located in SWSMI handler that dereferences gRT EFIRUNTIMESERVICES pointer to call a GetVariable service, which is located outside of SMRAM. This can resu...
K77326807: BIND vulnerability CVE-2021-25219
Security Advisory Description In BIND 9.3.0 - 9.11.35, 9.12.0 - 9.16.21, and versions 9.9.3-S1 - 9.11.35-S1 and 9.16.8-S1 - 9.16.21-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 - 9.17.18 of the BIND 9.17 development branch, exploitation of broken authoritative servers...
K55136511: Java SE vulnerabilities CVE-2019-2978 and CVE-2019-2989
Security Advisory Description CVE-2019-2978 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Networking. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows...
K80758444: Linux kernel vulnerability CVE-2015-8812
Security Advisory Description drivers/infiniband/hw/cxgb3/iwchcm.c in the Linux kernel before 4.5 does not properly identify error conditions, which allows remote attackers to execute arbitrary code or cause a denial of service use-after-free via crafted packets. CVE-2015-8812 Impact There is no...
K15737: Apache vulnerability CVE-2014-3577
Security Advisory Description org.apache.http.conn.ssl.AbstractVerifier in Apache HttpComponents HttpClient before 4.3.5 and HttpAsyncClient before 4.0.2 does not properly verify that the server hostname matches a domain name in the subject's Common Name CN or subjectAltName field of the X.509...
K57542514: Python vulnerabilities CVE-2019-9636 and CVE-2019-10160
Security Advisory Description Python 2.7.x through 2.7.16 and 3.x through 3.7.2 is affected by: Improper Handling of Unicode Encoding with an incorrect netloc during NFKC normalization. The impact is: Information disclosure credentials, cookies, etc. that are cached against a given hostname. The...
K6669: Apache HTTP Expect header handling
Security Advisory Description Note: Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of F5...
K23180157: libxml2 vulnerability CVE-2017-7376
Security Advisory Description Buffer overflow in libxml2 allows remote attackers to execute arbitrary code by leveraging an incorrect limit for port values when handling redirects. CVE-2017-7376 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Statu...
K61367237: BIG-IP HTTP/3 QUIC vulnerability CVE-2020-5859
Security Advisory Description Specially formatted HTTP/3 messages may cause the Traffic Management Microkernel TMM to produce a core file. CVE-2020-5859 Impact TMM may restart and temporarily fail to process traffic on BIG-IP hosts with the HTTP/3 QUIC profile configured. High availability HA...
K27129140: mod_auth_digest vulnerability CVE-2020-35452
Security Advisory Description Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Digest nonce can cause a stack overflow in modauthdigest. There is no report of this overflow being exploitable, nor the Apache HTTP Server team could create one, though some particular compiler and/or...
K11330713: jQuery vulnerability CVE-2014-6071
Security Advisory Description jQuery 1.4.2 allows remote attackers to conduct cross-site scripting XSS attacks via vectors related to use of the text method inside after. CVE-2014-6071 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Produ...
K86783800: LibTIFF vulnerability CVE-2016-3945
Security Advisory Description Multiple integer overflows in the 1 cvtbystrip and 2 cvtbytile functions in the tiff2rgba tool in LibTIFF 4.0.6 and earlier, when -b mode is enabled, allow remote attackers to cause a denial of service crash or execute arbitrary code via a crafted TIFF image, which...
K32780121: Linux kernel vulnerability CVE-2019-20095
Security Advisory Description mwifiextmcmd in drivers/net/wireless/marvell/mwifiex/cfg80211.c in the Linux kernel before 5.1.6 has some error-handling cases that did not free allocated hostcmd memory, aka CID-003b686ace82. This will cause a memory leak and denial of service. CVE-2019-20095 Impact...
K22113693: Linux kernel vulnerability CVE-2021-42739
Security Advisory Description The firewire subsystem in the Linux kernel through 5.14.13 has a buffer overflow related to drivers/media/firewire/firedtv-avc.c and drivers/media/firewire/firedtv-ci.c, because avccapmt mishandles bounds checking. CVE-2021-42739 Impact There is no impact; F5 product...
K29855410: Vim vulnerabilities CVE-2022-0261, CVE-2022-0318, CVE-2022-0361, CVE-2022-0392, and CVE-2022-0413
Security Advisory Description CVE-2022-0261 Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. CVE-2022-0318 Heap-based Buffer Overflow in vim/vim prior to 8.2. CVE-2022-0361 Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. CVE-2022-0392 Heap-based Buffer...
K20378113: Linux kernel vulnerability CVE-2020-11565
Security Advisory Description DISPUTED An issue was discovered in the Linux kernel through 5.6.2. mpolparsestr in mm/mempolicy.c has a stack-based out-of-bounds write because an empty nodelist is mishandled during mount option parsing, aka CID-aa9f7d5172fa. NOTE: Someone in the security community...
K11255393: Linux kernel vulnerability CVE-2021-41864
Security Advisory Description preallocelemsandfreelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds write. CVE-2021-41864 Impact There is no impact; F5 products are not...
K92969318: Linux kernel vulnerabilities CVE-2019-19061 CVE-2019-19077 CVE-2019-19078 CVE-2019-19080 CVE-2019-19082
Security Advisory Description CVE-2019-19061 A memory leak in the adisupdatescanmodeburst function in drivers/iio/imu/adisbuffer.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service memory consumption, aka CID-9c0530e898f3. CVE-2019-19077 A memory leak in the...
K68024700: Linux kernel vulnerability CVE-2020-9383
Security Advisory Description An issue was discovered in the Linux kernel through 5.5.6. setfdc in drivers/block/floppy.c leads to a waittilready out-of-bounds read because the FDC index is not checked for errors before assigning it, aka CID-2e90ca68b0d2. CVE-2020-9383 Impact There is no impact; ...
K58003591: Apache HTTP server vulnerability CVE-2022-28614
Security Advisory Description The aprwrite function in Apache HTTP Server 2.4.53 and earlier may read unintended memory if an attacker can cause the server to reflect very large input using aprwrite or aprputs, such as with modluas r:puts function. Modules compiled and distributed separately from...
K20934447: Linux kernel vulnerability CVE-2018-14634
Security Advisory Description An integer overflow flaw was found in the Linux kernel's createelftables function. An unprivileged local user with access to SUID or otherwise privileged binary could use this flaw to escalate their privileges on the system. Kernel versions 2.6.x, 3.10.x and 4.14.x a...
K14594844: Linux kernel Vulnerability CVE-2020-25670
Security Advisory Description A vulnerability was found in Linux Kernel where refcount leak in llcpsockbind causing use-after-free which might lead to privilege escalations. CVE-2020-25670 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5...
K24335161: Apache Tomcat vulnerability CVE-2017-12616
Security Advisory Description When using a VirtualDirContext with Apache Tomcat 7.0.0 to 7.0.80 it was possible to bypass security constraints and/or view the source code of JSPs for resources served by the VirtualDirContext using a specially crafted request. CVE-2017-12616 Impact There is no...
K95593121: Linux kernel vulnerability CVE-2019-10126
Security Advisory Description A flaw was found in the Linux kernel. A heap based buffer overflow in mwifiexuapparsetailies function in drivers/net/wireless/marvell/mwifiex/ie.c might lead to memory corruption and possibly other consequences. CVE-2019-10126 Impact There is no impact; F5 products a...
K01821401: Linux kernel vulnerability CVE-2018-9363
Security Advisory Description In the hidpprocessreport in bluetooth, there is an integer overflow. This could lead to an out of bounds write with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID:...
K04337834: Linux kernel vulnerability CVE-2017-10661
Security Advisory Description Race condition in fs/timerfd.c in the Linux kernel before 4.10.15 allows local users to gain privileges or cause a denial of service list corruption or use-after-free via simultaneous file-descriptor operations that leverage improper mightcancel queueing...
K16120: OpenSSL vulnerability CVE-2014-3570
Security Advisory Description The BNsqr implementation in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k does not properly calculate the square of a BIGNUM value, which might make it easier for remote attackers to defeat cryptographic protection mechanisms via unspecified...
K22334603: OpenSSL vulnerability CVE-2016-0799
Security Advisory Description The fmtstr function in crypto/bio/bprint.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g improperly calculates string lengths, which allows remote attackers to cause a denial of service overflow and out-of-bounds read or possibly have unspecified other impac...
K23196136: OpenSSL vulnerability CVE-2016-0800
Security Advisory Description The SSLv2 protocol, as used in OpenSSL before 1.0.1s and 1.0.2 before 1.0.2g and other products, requires a server to send a ServerVerify message before establishing that a client possesses certain plaintext RSA data, which makes it easier for remote attackers to...
K47662005: BIG-IP Net HSM script vulnerability CVE-2022-28859
When installing Net HSM, the scripts nethsm-safenet-install.sh and nethsm-thales-install.sh expose the Net HSM partition password. CVE-2022-28859 Impact This vulnerability may allow an authenticated attacker with network access to the Net HSM to use or delete private keys by accessing a...
Intel CPU vulnerability CVE-2021-0092
Improper access control in the firmware for some IntelR Processors may allow a privileged user to potentially enable a denial of service via local access. CVE-2021-0092 Impact An attacker may be able to exploit the Intel processor firmware to gain elevated access to resources. The following...
SOL02652550 - OpenSSL vulnerability CVE-2016-2180
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL82392041 - Apache Commons FileUpload vulnerability CVE-2016-3092
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL11353642 - Linux kernel vulnerability CVE-2013-2596
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL82679059 - BIG-IP APM SSO vulnerability CVE-2016-3686
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL59722044 - PHP vulnerabilities CVE-2016-1903 and CVE-2016-1904
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL17455 - Multiple Jenkins vulnerabilities
CVE-2015-1806 It was found that the combination filter Groovy script could allow a remote attacker to potentially execute arbitrary code on a Jenkins master. CVE-2015-1807 It was found that when building artifacts, the Jenkins server would follow symbolic links, potentially resulting in disclosur...
SOL17169 - Java vulnerability CVE-2015-2625
While the vulnerable software components exist, they are not used in a way that exposes this vulnerability. There are no remote access vectors for this issue and no data plane exposure on F5 products; this vulnerability is considered low severity. Vulnerability Recommended Actions If the previous...
SOL16912 - BIND vulnerability CVE-2015-4620
Vulnerability Recommended Actions If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not...
SOL16938 - OpenSSL vulnerability CVE-2015-1788
The Client Authentication setting of "ignore" does not expose the vulnerability. BIG-IP Edge Client-initiated connections are vulnerable only when connecting to a malicious server that is representing itself as a BIG-IP APM system. iOS devices using the BIG-IP Edge Client 2.0.5 or 2.0.6 are...
SOL16351 - Multiple Linux kernel vulnerabilities CVE-2009-0834, CVE-2009-0835, and CVE-2009-0859
Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy...
SOL16349 - Linux kernel vulnerability CVE-2009-0676
Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5 critical issue...
SOL15638 - Python vulnerability CVE-2013-4238
Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents. SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5 critical issue...
SOL15273 - Apache vulnerability CVE-2012-0053
Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the table does not list any version in the column, then no upgrade candidate currently exists. ARX To mitigate th...