Lucene search
K

6396 matches found

F5 Networks
F5 Networks
•added 2015/08/13 12:0 a.m.•65 views

SOL17120 - Linux kernel vulnerability CVE-2014-8134

Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can...

3.3CVSS0.7AI score0.00703EPSS
Exploits1References12
F5 Networks
F5 Networks
•added 2014/12/15 12:0 a.m.•65 views

SOL15910 - Linux kernel SCTP vulnerabilities CVE-2014-3673 and CVE-2014-3687

Vulnerability Recommended Actions If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not...

7.8CVSS1.2AI score0.08579EPSS
Exploits2References5
F5 Networks
F5 Networks
•added 2014/11/27 12:0 a.m.•65 views

SOL15868 - Multiple Wireshark vulnerabilities

Vulnerability Recommended Actions If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the table does not list any version in the column, then no upgrade candidate currently exists. To...

7.8CVSS1.4AI score0.60643EPSS
Exploits7References9
F5 Networks
F5 Networks
•added 2014/10/23 12:0 a.m.•65 views

SOL15722 - OpenSSL DTLS SRTP Memory Leak CVE-2014-3513

Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version...

7.1CVSS1.7AI score0.37072EPSS
Exploits0References8
F5 Networks
F5 Networks
•added 2014/10/02 12:0 a.m.•65 views

SOL15653 - Multiple PHP vulnerabilities

Recommended action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL167: Downloading software and firmware fro...

6.8CVSS4.5AI score0.06732EPSS
Exploits3References4
F5 Networks
F5 Networks
•added 2014/04/18 12:0 a.m.•65 views

SOL15189 - Apache Commons FileUpload vulnerability CVE-2014-0050

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

7.5CVSS1.7AI score0.83175EPSS
Exploits8References5
F5 Networks
F5 Networks
•added 2023/02/21 7:58 p.m.•64 views

K15154: NTP vulnerability CVE-2013-5211

Security Advisory Description The monlist feature in ntprequest.c in ntpd in NTP before 4.2.7p26 allows remote attackers to cause a denial of service traffic amplification via forged 1 REQMONGETLIST or 2 REQMONGETLIST1 requests, as exploited in the wild in December 2013. CVE-2013-5211 Impact A...

5CVSS6.6AI score0.97755EPSS
Exploits23Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 7:55 p.m.•64 views

K16162257: Intel BIOS vulnerability CVE-2021-0154

Security Advisory Description Improper input validation in the BIOS firmware for some IntelR Processors may allow a privileged user to potentially enable an escalation of privilege via local access. CVE-2021-0154 Impact A local attacker logged in as a privileged user can exploit the vulnerability...

7.8CVSS7.6AI score0.00259EPSS
Exploits0Affected Software13
F5 Networks
F5 Networks
•added 2023/02/21 7:53 p.m.•64 views

K43452233: OpenSSL vulnerability CVE-2017-3737

Security Advisory Description OpenSSL 1.0.2 starting from version 1.0.2b introduced an "error state" mechanism. The intent was that if a fatal error occurred during a handshake then OpenSSL would move into the error state and would immediately fail if you attempted to continue the handshake. This...

5.9CVSS6.6AI score0.78675EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 7:50 p.m.•64 views

K00329831: NTP vulnerabilities CVE-2015-8139 and CVE-2015-8140

Security Advisory Description CVE-2015-8139 ntpq in NTP before 4.2.8p7 allows remote attackers to obtain origin timestamps and then impersonate peers via unspecified vectors. CVE-2015-8140 The ntpq protocol in NTP before 4.2.8p7 allows remote attackers to conduct replay attacks by sniffing the...

5.8CVSS6.7AI score0.05935EPSS
Exploits1Affected Software20
F5 Networks
F5 Networks
•added 2023/02/21 7:46 p.m.•64 views

K14228: OpenSSH vulnerability CVE-2007-2243

Security Advisory Description OpenSSH 4.6 and earlier, when ChallengeResponseAuthentication is enabled, allows remote attackers to determine the existence of user accounts by attempting to authenticate via S/KEY, which displays a different response if the user account exists, a similar issue to...

5CVSS8AI score0.02472EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 7:45 p.m.•64 views

K15272: PHP Vulnerability CVE-2013-4636

Security Advisory Description The mget function in libmagic/softmagic.c in the Fileinfo component in PHP 5.4.x before 5.4.16 allows remote attackers to cause a denial of service invalid pointer dereference and application crash via an MP3 file that triggers incorrect MIME type detection during...

4.3CVSS6.6AI score0.01975EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:34 p.m.•64 views

K52525232: Linux kernel vulnerability CVE-2019-20811

Security Advisory Description An issue was discovered in the Linux kernel before 5.0.6. In rxqueueaddkobject and netdevqueueaddkobject in net/core/net-sysfs.c, a reference count is mishandled, aka CID-a3e23f719f5c. CVE-2019-20811 Impact A local attacker may cause a denial-of-service DoS attack...

5.5CVSS6.7AI score0.00443EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 7:29 p.m.•64 views

K15622: wolfSSL CyaSSL vulnerability CVE-2013-1623

Security Advisory Description The TLS and DTLS implementations in wolfSSL CyaSSL before 2.5.0 do not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks...

4.3CVSS6.7AI score0.02424EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:53 p.m.•64 views

K02771314: Oracle Java SE vulnerability CVE-2019-2699

Security Advisory Description Vulnerability in the Java SE component of Oracle Java SE subcomponent: Windows DLL. The supported version that is affected is Java SE: 8u202. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise...

9CVSS7.4AI score0.02906EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:51 p.m.•64 views

K11533: OpenSSL vulnerability CVE-2010-0740

Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...

5CVSS9.1AI score0.2035EPSS
Exploits5
F5 Networks
F5 Networks
•added 2023/02/21 6:50 p.m.•64 views

K15637: GnuTLS vulnerability CVE-2013-2116

Security Advisory Description The gnutlsciphertext2compressed function in lib/gnutlscipher.c in GnuTLS 2.12.23 allows remote attackers to cause a denial of service buffer over-read and crash via a crafted padding length. NOTE: this might be due to an incorrect fix for CVE-2013-0169. CVE-2013-2116...

5CVSS6.8AI score0.03761EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:47 p.m.•64 views

K16347: Linux file utility vulnerabilities CVE-2014-8116 and CVE-2014-8117

Security Advisory Description CVE-2014-8116 The ELF parser readelf.c in file before 5.21 allows remote attackers to cause a denial of service CPU consumption or crash via a large number of 1 program or 2 section headers or 3 invalid capabilities. CVE-2014-8117 softmagic.c in file before 5.21 does...

5CVSS8.3AI score0.05926EPSS
Exploits0Affected Software23
F5 Networks
F5 Networks
•added 2023/02/21 6:46 p.m.•64 views

K54184111: Kibana vulnerability CVE-2019-7609

Security Advisory Description Kibana versions before 5.6.15 and 6.6.1 contain an arbitrary code execution flaw in the Timelion visualizer. An attacker with access to the Timelion application could send a request that will attempt to execute javascript code. This could possibly lead to an attacker...

10CVSS8.7AI score0.95338EPSS
Exploits12
F5 Networks
F5 Networks
•added 2023/02/21 6:46 p.m.•64 views

K01054113: BIG-IP AWS vulnerability CVE-2020-5862

Security Advisory Description Under certain conditions, while sending traffic, the Traffic Management Microkernel TMM may produce a core file or stop processing new traffic with the Data Plane Development Kit DPDK/Elastic Network Adapter ENA driver on Amazon Web Services AWS systems. CVE-2020-586...

7.5CVSS7.5AI score0.01069EPSS
Exploits0Affected Software12
F5 Networks
F5 Networks
•added 2023/02/21 6:35 p.m.•64 views

K22526232: Multiple Intel software vulnerabilities

Security Advisory Description CVE-2019-14629 INTEL-SA-00332 Improper access control in driver for IntelR VTuneTM Amplifier for Windows before update 8 may allow an authenticated user to potentially enable escalation of privilege via local access. CVE-2019-14615 INTEL-SA-00314 Insufficient control...

7.8CVSS7.5AI score0.01447EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:35 p.m.•64 views

K01311313: Linux kernel vulnerability CVE-2021-3612

Security Advisory Description An out-of-bounds memory write flaw was found in the Linux kernel's joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allows a local user to crash the system or possibly escalate their privileges on the...

7.8CVSS6.9AI score0.00687EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 6:35 p.m.•64 views

K70844615: OpenSSL vulnerability CVE-2016-6302

Security Advisory Description The tlsdecryptticket function in ssl/t1lib.c in OpenSSL before 1.1.0 does not consider the HMAC size during validation of the ticket length, which allows remote attackers to cause a denial of service via a ticket that is too short. CVE-2016-6302 Impact Remote attacke...

7.5CVSS7.9AI score0.26441EPSS
Exploits1Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 6:35 p.m.•64 views

K62178133: Linux kernel vulnerability CVE-2017-14106

Security Advisory Description The tcpdisconnect function in net/ipv4/tcp.c in the Linux kernel before 4.12 allows local users to cause a denial of service tcpselectwindow divide-by-zero error and system crash by triggering a disconnect within a certain tcprecvmsg code path. CVE-2017-14106 Impact ...

5.5CVSS6.2AI score0.00445EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 6:35 p.m.•65 views

K79215841: OpenSSL vulnerability CVE-2016-0702

Security Advisory Description The MODEXPCTIMECOPYFROMPREBUF function in crypto/bn/bnexp.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g does not properly consider cache-bank access times during modular exponentiation, which makes it easier for local users to discover RSA keys by running ...

5.1CVSS7AI score0.0191EPSS
Exploits1Affected Software23
F5 Networks
F5 Networks
•added 2023/02/21 6:34 p.m.•64 views

K32051722: Apache Tomcat vulnerability CVE-2018-1305

Security Advisory Description Security constraints defined by annotations of Servlets in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 were only applied once a Servlet had been loaded. Because security constraints defined in this way apply to the URL...

6.5CVSS7.2AI score0.14737EPSS
Exploits2Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 6:34 p.m.•65 views

K51484039: PHP 'snmp.c' remote format string vulnerability CVE-2016-4071

Security Advisory Description Format string vulnerability in the phpsnmperror function in ext/snmp/snmp.c in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5 allows remote attackers to execute arbitrary code via format string specifiers in an SNMP::get call. CVE-2016-4071 Impact There...

9.8CVSS9.3AI score0.19455EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 6:33 p.m.•64 views

K54610514: Linux kernel vulnerability CVE-2016-10088

Security Advisory Description The sg implementation in the Linux kernel through 4.9 does not properly restrict write operations in situations where the KERNELDS option is set, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service use-after-fre...

7CVSS6.2AI score0.00372EPSS
Exploits0Affected Software22
F5 Networks
F5 Networks
•added 2023/02/21 6:32 p.m.•64 views

K53092542: Linux kernel vulnerability CVE-2021-20226

Security Advisory Description A use-after-free flaw was found in the iouring in Linux kernel, where a local attacker with a user privilege could cause a denial of service problem on the system The issue results from the lack of validating the existence of an object prior to performing operations ...

7.8CVSS7AI score0.0044EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:30 p.m.•64 views

K44942017: NTP vulnerability CVE-2014-5209

Security Advisory Description An Information Disclosure vulnerability exists in NTP 4.2.7p25 private mode 6/7 messages via a GETRESTRICT control message, which could let a malicious user obtain sensitive information. CVE-2014-5209 Impact An attacker may be able to prompt the network time protocol...

5.3CVSS6.9AI score0.02471EPSS
Exploits0Affected Software24
F5 Networks
F5 Networks
•added 2023/02/21 6:29 p.m.•64 views

K15679: UEFI EDK2 Capsule Update vulnerabilities CVE-2014-4859 / CVE-2014-4860

Security Advisory Description CVE-2014-4859 During the Drive Execution Environment DXE phase of the UEFI boot process, the contents of the capsule image are parsed during processing. An integer overflow vulnerability exists in the capsule processing phase that can cause the allocation of a buffer...

7.2CVSS7.5AI score0.00587EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:15 p.m.•64 views

K17173: OpenJDK vulnerability CVE-2015-4760

Security Advisory Description Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. CVE-2015-4760. Impact When your system is exploited by a locally authenticated attacker,...

10CVSS4.5AI score0.07031EPSS
Exploits0Affected Software20
F5 Networks
F5 Networks
•added 2023/01/06 5:27 p.m.•64 views

K13518: Multiple PHP vulnerabilities

Security Advisory Description The following PHP vulnerabilities require malicious user input in order to be exploited. For each item in the list, the affected command or component is not used by any F5 product, or its inputs are sanitized to prevent exploitation: CVE-2012-2376 CVE-2012-2311...

10CVSS8.3AI score0.99998EPSS
Exploits77
F5 Networks
F5 Networks
•added 2023/01/04 11:2 p.m.•64 views

K95313044: Multiple Java vulnerabilities

Security Advisory Description CVE-2013-3829 Unspecified vulnerability in the Java SE, Java SE Embedded component in Oracle Java SE Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentialit...

10CVSS7.3AI score0.17606EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2022/03/17 10:2 p.m.•64 views

Intel CPU vulnerability CVE-2021-0125

Improper initialization in the firmware for some IntelR Processors may allow a privileged user to potentially enable escalation of privilege via physical access. CVE-2021-0125 Impact An attacker may be able to exploit the Intel processor firmware to gain elevated access to resources. The followin...

6.6CVSS6.8AI score0.00301EPSS
Exploits0
F5 Networks
F5 Networks
•added 2016/11/28 12:0 a.m.•64 views

SOL43167094 - Apache Struts 2 vulnerability CVE-2016-6795

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...

9.8CVSS2.8AI score0.08438EPSS
Exploits0References4
F5 Networks
F5 Networks
•added 2016/11/16 12:0 a.m.•64 views

SOL85307687 - cURL and libcurl vulnerabilities CVE-2014-3613, CVE-2014-3707, and CVE-2014-8150

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

5CVSS1.4AI score0.07432EPSS
Exploits0References4
F5 Networks
F5 Networks
•added 2016/07/27 12:0 a.m.•64 views

SOL17075474 - glibc vulnerability CVE-2016-4429

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

5.9CVSS2.4AI score0.03922EPSS
Exploits0References4
F5 Networks
F5 Networks
•added 2016/07/07 12:0 a.m.•64 views

SOL43254923 - Apache Ranger vulnerability CVE-2016-2174

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...

7.2CVSS2.5AI score0.01884EPSS
Exploits1References4
F5 Networks
F5 Networks
•added 2016/06/30 12:0 a.m.•64 views

SOL82747025 - GraphicsMagick vulnerability CVE-2016-5118

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

10CVSS2.4AI score0.49982EPSS
Exploits1References10
F5 Networks
F5 Networks
•added 2016/06/13 12:0 a.m.•64 views

SOL26738102 - BIG-IP APM SSO vulnerability CVE-2016-3687

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

5.3CVSS5.8AI score0.01209EPSS
Exploits0References8
F5 Networks
F5 Networks
•added 2016/02/22 12:0 a.m.•64 views

SOL01324833 - NTP vulnerability CVE-2015-8158

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

5.9CVSS0.1AI score0.07546EPSS
Exploits0References4
F5 Networks
F5 Networks
•added 2016/01/28 12:0 a.m.•64 views

SOL20022580 - Linux kernel vulnerability CVE-2013-7446

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

5.4CVSS0.2AI score0.00625EPSS
Exploits1References3
F5 Networks
F5 Networks
•added 2016/01/13 12:0 a.m.•64 views

SOL94105604 - Linux kernel vulnerability CVE-2015-7872

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

2.1CVSS1.1AI score0.00508EPSS
Exploits0References4
F5 Networks
F5 Networks
•added 2015/10/19 12:0 a.m.•64 views

SOL17458 - Linux kernel vulnerability CVE-2015-1805

Recommended Action If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are currently...

7.2CVSS1.3AI score0.01395EPSS
Exploits3References5
F5 Networks
F5 Networks
•added 2015/10/07 12:0 a.m.•64 views

SOL17378 - SNMP vulnerability CVE-2015-5621

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

7.5CVSS2.1AI score0.40002EPSS
Exploits1References8
F5 Networks
F5 Networks
•added 2015/07/07 12:0 a.m.•64 views

SOL16915 - OpenSSL vulnerability CVE-2015-1792

For BIG-IP, Enterprise Manager, and BIG-IQ systems, the vulnerable code exists on the system; however, it is not used in the way that exposes the system to the vulnerability. While BIG-IP v12.0.0 ships with an OpenSSL version prior to 1.0.1n, the libraries necessary to fix the issue were merged...

5CVSS0.8AI score0.22476EPSS
Exploits0References5
F5 Networks
F5 Networks
•added 2015/07/02 12:0 a.m.•64 views

SOL16847 - Apache vulnerabilities CVE-2014-8109, CVE-2014-3581, CVE-2014-3583

Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version...

5CVSS1AI score0.22016EPSS
Exploits0References6
F5 Networks
F5 Networks
•added 2015/04/22 12:0 a.m.•64 views

SOL16471 - Linux kernel vulnerability CVE-2010-0415

Note: As of February 17, 2005, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can...

4.6CVSS0.7AI score0.01819EPSS
Exploits3References12
F5 Networks
F5 Networks
•added 2014/11/06 12:0 a.m.•64 views

SOL15794 - ICMP vulnerability CVE-2004-0791

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...

5CVSS3.3AI score0.2032EPSS
Exploits10References5
Total number of security vulnerabilities5000