6294 matches found
K80311892: InfoZIP vulnerability CVE-2019-13232
Security Advisory Description Info-ZIP UnZip 6.0 mishandles the overlapping of files inside a ZIP container, leading to denial of service resource consumption, aka a "better zip bomb" issue. CVE-2019-13232 Impact Local users with administrative access to the BIG-IP Advanced Shell bash may be able...
K59513013: Linux kernel vulnerability CVE-2019-14821
Security Advisory Description An out-of-bounds access issue was found in the Linux kernel, all versions through 5.3, in the way Linux kernel's KVM hypervisor implements the Coalesced MMIO write operation. It operates on an MMIO ring buffer 'struct kvmcoalescedmmio' object, wherein write indices...
K23231802: Expat vulnerability CVE-2021-46143
Security Advisory Description In doProlog in xmlparse.c in Expat aka libexpat before 2.4.3, an integer overflow exists for mgroupSize. CVE-2021-46143 Impact A remote attacker could send specially crafted XML which, when parsed by an application using the Expat library, would result in a buffer...
K15104541: Expat XML library vulnerability CVE-2015-1283
Security Advisory Description Multiple integer overflows in the XMLGetBuffer function in Expat through 2.1.0, as used in Google Chrome before 44.0.2403.89 and other products, allow remote attackers to cause a denial of service heap-based buffer overflow or possibly have unspecified other impact v...
K79502122: Zend Framework vulnerability CVE-2016-10034
Security Advisory Description The setFrom function in the Sendmail adapter in the zend-mail component before 2.4.11, 2.5.x, 2.6.x, and 2.7.x before 2.7.2, and Zend Framework before 2.4.11 might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary...
K39029022: Linux kernel vulnerability CVE-2021-37576
Security Advisory Description arch/powerpc/kvm/book3srtas.c in the Linux kernel through 5.13.5 on the powerpc platform allows KVM guest OS users to cause host OS memory corruption via rtasargs.nargs, aka CID-f62f3c20647e. CVE-2021-37576 Impact There is no impact; F5 products are not affected by...
K98102572: Linux kernel vulnerability CVE-2015-7990
Security Advisory Description Race condition in the rdssendmsg function in net/rds/sendmsg.c in the Linux kernel before 4.3.3 allows local users to cause a denial of service NULL pointer dereference and system crash or possibly have unspecified other impact by using a socket that was not properly...
K12824341: OpenSSL vulnerability CVE-2015-3195
Security Advisory Description The ASN1TFLGCOMBINE implementation in crypto/asn1/tasndec.c in OpenSSL before 0.9.8zh, 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1q, and 1.0.2 before 1.0.2e mishandles errors caused by malformed X509ATTRIBUTE data, which allows remote attackers to obtain sensitive...
K000130496: Overview of F5 vulnerabilities (February 2023)
Security Advisory Description On February 1, 2023, F5 announced the following security issues. This document is intended to serve as an overview of these vulnerabilities and security exposures to help determine the impact to your F5 devices. You can find the details of each issue in the associate...
Intel CPU vulnerability CVE-2021-0119
Improper initialization in the firmware for some IntelR Processors may allow a privileged user to potentially enable escalation of privilege via physical access. CVE-2021-0119 Impact An attacker may be able to exploit the Intel processor firmware to gain elevated access to resources. The followin...
SOL55672042 - Linux kernel vulnerability CVE-2016-4470
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL16838 - XSS vulnerability in the BIG-IP and Enterprise Manager Configuration utilities CVE-2015-1470
Vulnerability Recommended Actions If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not...
SOL33721814 - PHP vulnerability CVE-2016-6174
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL00032124 - BIG-IP last hop kernel module vulnerability CVE-2015-5516
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL17307 - Linux kernel vulnerability CVE-2015-5364
The 1 udprecvmsg and 2 udpv6recvmsg functions in the Linux kernel before 4.0.6 do not properly consider yielding a processor, which allows remote attackers to cause a denial of service system hang via incorrect checksums within a UDP packet flood. CVE-2015-5364...
SOL17125 - Multiple Java vulnerabilities
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL16983 - PCRE library vulnerability CVE-2015-2325
Although the BIG-IP/BIG-IQ/Enterprise Manager software contains the vulnerable code, BIG-IP/BIG-IQ/Enterprise Manager does not use the vulnerable code in a way that exposes the vulnerability. An attacker must have local access to BIG-IP/BIG-IQ/Enterprise Manager to trigger an exploit, which the...
SOL16126 - OpenSSL vulnerability CVE-2014-3572
Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version...
SOL16016 - Linux kernel SCTP vulnerability CVE-2014-7841
Vulnerability Recommended Actions If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not...
SOL15571 - OpenSSL vulnerability CVE-2014-3508
Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version...
SOL14739 - OpenSSH vulnerability CVE-2008-3234
Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5 critical issue...
SOL13219 - DHCP Client vulnerability CVE-2011-0997
Recommended action To eliminate this vulnerability, upgrade to a version that is listed in the Versions known to be not vulnerable column in the previous table. To mitigate this vulnerability, when configuring the AOM or SCCP for access over the network, you should use a static IP address and not...
SOL10441 - Microsoft Active Template Library (ATL) vulnerabilities VU#456745
Information about this advisory is available at the following locations: F5 Product Development tracked this issue as ID 296507 formerly CR125945 for FirePass, and it was fixed in FirePass 6.1.0. For information about upgrading, refer to the FirePass release notes. Obtaining and installing patche...
SOL9988 - libpng vulnerability CVE-2009-0040
Description The PNG reference library libpng, as used in pngcrush and other applications, allows context-dependent attackers to cause a denial of service application crash or possibly execute arbitrary code by way of a crafted PNG file. Information about this advisory is available at the followin...
K000149173: NGINX TLS session resumption vulnerability CVE-2025-23419
Security Advisory Description When name-based virtual hosts are configured to share the same IP address and port combination, with TLS 1.3 and OpenSSL, a previously authenticated attacker can use session resumption to bypass client certificate authentication requirements on these servers. This...
K000138353: Quarterly Security Notification (February 2024)
Security Advisory Description On February 14, 2024, F5 announced the following security issues. This document is intended to serve as an overview of these vulnerabilities and security exposures to help determine the impact to your F5 devices. You can find the details of each issue in the associat...
K000138242: OpenSSL vulnerability CVE-2023-5678
Security Advisory Description Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary: Applications that use the functions DHgeneratekey to generate an X9.42 DH key may experience long delays. Likewise,...
K59010802: Multiple MySQL vulnerabilities
Security Advisory Description CVE-2015-4730 Unspecified vulnerability in Oracle MySQL 5.6.20 and earlier allows remote authenticated users to affect availability via unknown vectors related to Types. CVE-2015-4792 Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and...
K15329: SSL_MODE_RELEASE_BUFFERS vulnerability CVE-2014-0198
Security Advisory Description The dossl3write function in s3pkt.c in OpenSSL 1.x through 1.0.1g, when SSLMODERELEASEBUFFERS is enabled, does not properly manage a buffer pointer during certain recursive calls, which allows remote attackers to cause a denial of service NULL pointer dereference and...
K03151140: ImageMagick vulnerability CVE-2016-3714
Security Advisory Description The 1 EPHEMERAL, 2 HTTPS, 3 MVG, 4 MSL, 5 TEXT, 6 SHOW, 7 WIN, and 8 PLT coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to execute arbitrary code via shell metacharacters in a crafted image, aka "ImageTragick." CVE-2016-3714 Impac...
K53854428: iControl SOAP vulnerability CVE-2021-23026
Security Advisory Description BIG-IP and BIG-IQ are vulnerable to cross-site request forgery CSRF attacks through iControl SOAP. CVE-2021-23026 Impact An attacker may trick authenticated users into performing critical actions. This vulnerability can only be exploited through the control plane and...
K52125139: NGINX Ingress Controller vulnerability CVE-2022-30535
Security Advisory Description An attacker authorized to create or update ingress objects can obtain the secrets available to the NGINX Ingress Controller. CVE-2022-30535 Impact This vulnerability may allow an authenticated attacker with network access to NGINX Ingress Controller ingress objects t...
K95003704: Java SE vulnerability CVE-2018-3183
Security Advisory Description Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Scripting. Supported versions that are affected are Java SE: 8u182 and 11; Java SE Embedded: 8u181; JRockit: R28.3.19. Difficult to exploit vulnerability allows...
K83823933: OpenSSL Vulnerability CVE-2021-4044
Security Advisory Description Internally libssl in OpenSSL calls X509verifycert on the client side to verify a certificate supplied by a server. That function may return a negative return value to indicate an internal error for example out of memory. Such a negative return value is mishandled by...
K38624343: MySQL vulnerabilities CVE-2017-3308, CVE-2017-3456, CVE-2017-3464, and CVE-2020-2780
Security Advisory Description CVE-2017-3308 Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: DML. Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows low privileged...
K95698826: LZO vulnerability CVE-2014-4607
Security Advisory Description An integer overflow flaw was found in the way the lzo library decompressed certain archives compressed with the LZO algorithm. An attacker could create a specially crafted LZO-compressed input that, when decompressed by an application using the lzo library, would cau...
K6623: OpenSSL signature vulnerability - CVE-2006-4339
Security Advisory Description Note : For information about signing up to receive security notice updates from F5, refer to K9970: Subscribe to email notifications regarding F5 products and security announcements. Note : Versions that are not listed in this Solution have not been evaluated for...
K01512680: Linux kernel vulnerability CVE-2019-11811
Security Advisory Description An issue was discovered in the Linux kernel before 5.0.4. There is a use-after-free upon attempted read access to /proc/ioports after the ipmisi module is removed, related to drivers/char/ipmi/ipmisiintf.c, drivers/char/ipmi/ipmisimemio.c, and...
K16321: OpenSSL vulnerability CVE-2015-0293
Security Advisory Description The SSLv2 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a allows remote attackers to cause a denial of service s2lib.c assertion failure and daemon exit via a crafted CLIENT-MASTER-KEY message. CVE-2015-0293...
K03009991: iControl REST unauthenticated remote command execution vulnerability CVE-2021-22986
Security Advisory Description The iControl REST interface has an unauthenticated remote command execution vulnerability. CVE-2021-22986 Impact This vulnerability allows for unauthenticated attackers with network access to the iControl REST interface, through the BIG-IP management interface and se...
K33606035: OpenJDK vulnerability CVE-2020-14792
Security Advisory Description Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Hotspot. Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker wit...
K28241423: Linux kernel vulnerability CVE-2018-18559
Security Advisory Description In the Linux kernel through 4.19, a use-after-free can occur due to a race condition between fanoutadd from setsockopt and bind on an AFPACKET socket. This issue exists because of the 15fe076edea787807a7cdc168df832544b58eba6 incomplete fix for a race condition. The...
K26618426: Linux SACK Slowness vulnerability CVE-2019-11478
Security Advisory Description Jonathan Looney discovered that the TCP retransmission queue implementation in tcpfragment in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment SACK sequences. A remote attacker could use this to cause a denial of service. This h...
K80159635: Microarchitectural Fill Buffer Data Sampling (MFBDS) CVE-2018-12130
Security Advisory Description Microarchitectural Fill Buffer Data Sampling MFBDS: Fill buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. CVE-2018-12130 Impact MDS...
K01106224: Java SE vulnerability CVE-2019-2964
Security Advisory Description Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Concurrency. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker...
K04253390: Apache Xerces vulnerability CVE-2016-2099
Security Advisory Description Use-after-free vulnerability in validators/DTD/DTDScanner.cpp in Apache Xerces C++ 3.1.3 and earlier does not properly handle exceptions raised in the XMLReader class, which allows context-dependent attackers to have unspecified impact via an invalid character in an...
K73828041: MySQL vulnerability CVE-2016-6663
Security Advisory Description Race condition in Oracle MySQL before 5.5.52, 5.6.x before 5.6.33, 5.7.x before 5.7.15, and 8.x before 8.0.1; MariaDB before 5.5.52, 10.0.x before 10.0.28, and 10.1.x before 10.1.18; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.7.x before...
K34519550: Linux kernel vulnerability CVE-2021-27364
Security Advisory Description An issue was discovered in the Linux kernel through 5.11.3. drivers/scsi/scsitransportiscsi.c is adversely affected by the ability of an unprivileged user to craft Netlink messages. CVE-2021-27364 Impact An attacker may be able to exploit this vulnerability to...
K15934: NTP vulnerability CVE-2014-9293
Security Advisory Description The configauth function in ntpd in NTP before 4.2.7p11, when an auth key is not configured, improperly generates a key, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack. CVE-2014-9293 Impact Default NTP...
K17244: Linux kernel vulnerability CVE-2015-1593
Security Advisory Description The stack randomization feature in the Linux kernel before 3.19.1 on 64-bit platforms uses incorrect data types for the results of bitwise left-shift operations, which makes it easier for attackers to bypass the ASLR protection mechanism by predicting the address of...