6396 matches found
SOL35240323 - PHP Vulnerability CVE-2016-4539
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL10550253 - ImageMagick vulnerability CVE-2016-3715
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL93532943 - SSHD session.c vulnerability CVE-2016-3115
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL62655427 - libjpeg-turbo vulnerability CVE-2013-6630
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL17543 - Linux kernel vulnerability CVE-2014-9420
Although the software of the affected F5 products contains the vulnerable code, the affected F5 products do not use the vulnerable code in a way that exposes the vulnerability in a standard configuration. An attacker must have local shell access to the affected F5 products to trigger an exploit...
SOL17201 - Apache HTTP server vulnerability CVE-2008-0455
Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can...
SOL16354 - Multiple JavaSE client-side vulnerabilities
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy...
SOL16321 - OpenSSL vulnerability CVE-2015-0293
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL15905 - Expat vulnerabilities CVE-2009-3560 and CVE-2009-3720
Vulnerability Recommended Actions If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not...
SOL15359 - OpenSSL vulnerability CVE-2009-1378
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents. SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL15274 - TCP reassembly vulnerability CVE-2014-3000
Recommended action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the table does not list any version in the column, then no upgrade candidate currently exists. If your LineRate...
SOL5533 - Potential protocol version rollback vulnerability in OpenSSL - CVE-2005-2969
It is possible that customers using non-default SSL options could be exposed to this vulnerability in the BIG-IP LTM Configuration utility, SSL terminating virtual servers, and bundled utilities. F5 tracked this problem as CR55070, CR55145, CR55203, CR55204, CR55283, CR55426, CR55588, and CR63465...
K000149173: NGINX TLS session resumption vulnerability CVE-2025-23419
Security Advisory Description When name-based virtual hosts are configured to share the same IP address and port combination, with TLS 1.3 and OpenSSL, a previously authenticated attacker can use session resumption to bypass client certificate authentication requirements on these servers. This...
K000141008: RADIUS authentication vulnerability CVE-2024-3596
Security Advisory Description RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response Access-Accept, Access-Reject, or Access-Challenge to any other response using a chosen-prefix collision attack against MD5 Response Authenticator...
K000138693: Linux kernel vulnerabilities CVE-2023-4206, CVE-2023-4207, and CVE-2023-4208
Security Advisory Description CVE-2023-4206 A use-after-free vulnerability in the Linux kernel's net/sched: clsroute component can be exploited to achieve local privilege escalation. When route4change is called on an existing filter, the whole tcfresult struct is always copied into the new instan...
K000138392: Apache Tomcat vulnerability CVE-2024-21733
Security Advisory Description Generation of Error Message Containing Sensitive Information vulnerability in Apache Tomcat.This issue affects Apache Tomcat: from 8.5.7 through 8.5.63, from 9.0.0-M11 through 9.0.43. Users are recommended to upgrade to version 8.5.64 onwards or 9.0.44 onwards, which...
K17246: Linux kernel vulnerability CVE-2015-3636
Security Advisory Description The pingunhash function in net/ipv4/ping.c in the Linux kernel before 4.0.3 does not initialize a certain list data structure during an unhash operation, which allows local users to gain privileges or cause a denial of service use-after-free and system crash by...
K45752041: Samba vulnerability CVE-2021-44141
Security Advisory Description All versions of Samba prior to 4.15.5 are vulnerable to a malicious client using a server symlink to determine if a file or directory exists in an area of the server file system not exported under the share definition. SMB1 with unix extensions has to be enabled in...
K34985231: PHP vulnerabilities CVE-2016-6288 and CVE-2016-6289
Security Advisory Description CVE-2016-6288 The phpurlparseex function in ext/standard/url.c in PHP before 5.5.38 allows remote attackers to cause a denial of service buffer over-read or possibly have unspecified other impact via vectors involving the smartstr data type. CVE-2016-6289 Integer...
K95432245: PHP vulnerability CVE-2016-5768
Security Advisory Description Double free vulnerability in the phpmbregexeregreplaceexec function in phpmbregex.c in the mbstring extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 allows remote attackers to execute arbitrary code or cause a denial of service application...
K08250500: Nginx vulnerability CVE-2016-4450
Security Advisory Description os/unix/ngxfiles.c in nginx before 1.10.1 and 1.11.x before 1.11.1 allows remote attackers to cause a denial of service NULL pointer dereference and worker process crash via a crafted request, involving writing a client request body to a temporary file. CVE-2016-4450...
K01934914: Ruby-MySQL vulnerability CVE-2021-3779
Security Advisory Description A malicious MySQL server can request local file content from a client using ruby-mysql prior to version 2.10.0 without explicit authorization from the user. This issue was resolved in version 2.10.0 and later. CVE-2021-3779 Impact There is no impact; F5 products are...
K35253541: Java vulnerability CVE-2020-14797
Security Advisory Description Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker...
K72453266: Linux kernel vulnerability CVE-2013-2164
Security Advisory Description The mmcioctlcdromreaddata function in drivers/cdrom/cdrom.c in the Linux kernel through 3.10 allows local users to obtain sensitive information from kernel memory via a read operation on a malfunctioning CD-ROM drive. CVE-2013-2164 Impact There is no impact; F5...
K38624343: MySQL vulnerabilities CVE-2017-3308, CVE-2017-3456, CVE-2017-3464, and CVE-2020-2780
Security Advisory Description CVE-2017-3308 Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: DML. Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows low privileged...
K17061: Multiple PHP vulnerabilities
Security Advisory Description CVE-2015-4599 The SoapFault::toString method in ext/soap/soap.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to obtain sensitive information, cause a denial of service application crash, or possibly execute arbitrary code...
K71960814: OpenSSH vulnerability CVE-2016-1908
Security Advisory Description The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding and relies on the local X11 server for access-control decisions, which allows remote X11 clients to trigger a fallback and obtain trusted X11 forwarding privileges by...
K28409184: Mozilla NSS vulnerability CVE-2020-12413
Security Advisory Description The Raccoon attack is a timing attack on DHE ciphersuites inherit in the TLS specification. To mitigate this vulnerability, Firefox disabled support for DHE ciphersuites. CVE-2020-12413 Impact This can lead to an attacker being able to compute the pre-master secret i...
K35012672: PHP vulnerability CVE-2014-9705
Security Advisory Description Heap-based buffer overflow in the enchantbrokerrequestdict function in ext/enchant/enchant.c in PHP before 5.4.38, 5.5.x before 5.5.22, and 5.6.x before 5.6.6 allows remote attackers to execute arbitrary code via vectors that trigger creation of multiple dictionaries...
K82508682: Linux kernel vulnerability CVE-2017-6074
Security Advisory Description The dccprcvstateprocess function in net/dccp/input.c in the Linux kernel through 4.9.11 mishandles DCCPPKTREQUEST packet data structures in the LISTEN state, which allows local users to obtain root privileges or cause a denial of service double free via an applicatio...
K61429540: Linux kernel vulnerability CVE-2017-9077
Security Advisory Description The tcpv6synrecvsock function in net/ipv6/tcpipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890...
K44512851: OpenSSL vulnerability CVE-2017-3732
Security Advisory Description There is a carry propagating bug in the x8664 Montgomery squaring procedure in OpenSSL 1.0.2 before 1.0.2k and 1.1.0 before 1.1.0d. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to...
K84024430: Linux kernel vulnerability CVE-2017-7542
Security Advisory Description The ip6find1stfragopt function in net/ipv6/outputcore.c in the Linux kernel through 4.12.3 allows local users to cause a denial of service integer overflow and infinite loop by leveraging the ability to open a raw socket. CVE-2017-7542 Impact This vulnerability allow...
K08503505: BIG-IP Edge Client for Windows vulnerability CVE-2021-23022
Security Advisory Description The BIG-IP Edge Client Windows Installer Service's temporary folder has weak file and folder permissions. CVE-2021-23022 Impact This vulnerability can be exploited to allow an unprivileged user to run a specially crafted application to gain privilege escalation on th...
K11165942: Linux kernel vulnerability CVE-2018-18710
Security Advisory Description An issue was discovered in the Linux kernel through 4.19. An information leak in cdromioctlselectdisc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is...
K23151384: Sudo vulnerabilities CVE-2017-1000367 and CVE-2017-1000368
Security Advisory Description CVE-2017-1000367 Todd Miller's sudo version 1.8.20 and earlier is vulnerable to an input validation embedded spaces in the getprocessttyname function resulting in information disclosure and command execution. CVE-2017-1000368 Todd Miller's sudo version 1.8.20p1 and...
K31301245: TMUI CSRF vulnerability CVE-2020-5904
Security Advisory Description A cross-site request forgery CSRF vulnerability in the Traffic Management User Interface TMUI, also referred to as the Configuration utility, exists in an undisclosed page. CVE-2020-5904 Impact An attacker may be able to use the session of an administrator user to...
K21462542: OpenSSL vulnerability CVE-2017-3735
Security Advisory Description While parsing an IPAddressFamily extension in an X.509 certificate, it is possible to do a one-byte overread. This would result in an incorrect text display of the certificate. This bug has been present since 2006 and is present in all versions of OpenSSL since then...
K49229034: Sudo vulnerabilities CVE-2014-9680, CVE-2016-7032, CVE-2016-7076, and CVE-2016-7077
Security Advisory Description CVE-2014-9680 sudo before 1.8.12 does not ensure that the TZ environment variable is associated with a zoneinfo file, which allows local users to open arbitrary files for read access but not view file contents by running a program within an sudo session, as...
K45991967: PHP vulnerability CVE-2020-7060
Security Advisory Description When using certain mbstring functions to convert multibyte encodings, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below 7.4.2 it is possible to supply data that will cause function mbflfiltconvbig5wchar to read past the allocated buffer. This may...
K52470083: Apache vulnerability CVE-2010-0408
Security Advisory Description The approxyajprequest function in modproxyajp.c in modproxyajp in the Apache HTTP Server 2.2.x before 2.2.15 does not properly handle certain situations in which a client sends no request body, which allows remote attackers to cause a denial of service backend server...
K000130496: Overview of F5 vulnerabilities (February 2023)
Security Advisory Description On February 1, 2023, F5 announced the following security issues. This document is intended to serve as an overview of these vulnerabilities and security exposures to help determine the impact to your F5 devices. You can find the details of each issue in the associate...
Intel CPU vulnerabilities CVE-2021-0107 and CVE-2021-0111
CVE-2021-0107 Unchecked return value in the firmware for some IntelR Processors may allow a privileged user to potentially enable escalation of privilege via local access. CVE-2021-0111 NULL pointer dereference in the firmware for some IntelR Processors may allow a privileged user to potentially...
SOL35232053 - PHP vulnerability CVE-2016-7125
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL72255110 - MySQL vulnerability CVE-2016-6662
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL41739114 - Linux kernel vulnerability CVE-2014-6410
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL75136237 - Privilege escalation vulnerability CVE-2015-7393
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL16835 - ICU overflow vulnerabilities CVE-2014-8146 and CVE-2014-8147
Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can...
SOL16477 - Linux kernel vulnerability CVE-2010-2524
Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL995...
SOL16429 - Linux kernel vulnerability CVE-2015-0239
Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy...