6294 matches found
K80159635: Microarchitectural Fill Buffer Data Sampling (MFBDS) CVE-2018-12130
Security Advisory Description Microarchitectural Fill Buffer Data Sampling MFBDS: Fill buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. CVE-2018-12130 Impact MDS...
K01106224: Java SE vulnerability CVE-2019-2964
Security Advisory Description Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Concurrency. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker...
K73828041: MySQL vulnerability CVE-2016-6663
Security Advisory Description Race condition in Oracle MySQL before 5.5.52, 5.6.x before 5.6.33, 5.7.x before 5.7.15, and 8.x before 8.0.1; MariaDB before 5.5.52, 10.0.x before 10.0.28, and 10.1.x before 10.1.18; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.7.x before...
K34519550: Linux kernel vulnerability CVE-2021-27364
Security Advisory Description An issue was discovered in the Linux kernel through 5.11.3. drivers/scsi/scsitransportiscsi.c is adversely affected by the ability of an unprivileged user to craft Netlink messages. CVE-2021-27364 Impact An attacker may be able to exploit this vulnerability to...
K15934: NTP vulnerability CVE-2014-9293
Security Advisory Description The configauth function in ntpd in NTP before 4.2.7p11, when an auth key is not configured, improperly generates a key, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack. CVE-2014-9293 Impact Default NTP...
K17244: Linux kernel vulnerability CVE-2015-1593
Security Advisory Description The stack randomization feature in the Linux kernel before 3.19.1 on 64-bit platforms uses incorrect data types for the results of bitwise left-shift operations, which makes it easier for attackers to bypass the ASLR protection mechanism by predicting the address of...
K03564319: Linux kernel vulnerability CVE-2018-7566
Security Advisory Description The Linux kernel 4.15 has a Buffer Overflow via an SNDRVSEQIOCTLSETCLIENTPOOL ioctl write operation to /dev/snd/seq by a local user. CVE-2018-7566 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Product...
K45439210: libxml2 vulnerability CVE-2015-8710
Security Advisory Description The htmlParseComment function in HTMLparser.c in libxml2 allows attackers to obtain sensitive information, cause a denial of service out-of-bounds heap memory access and application crash, or possibly have unspecified other impact via an unclosed HTML comment...
K11068141: Python vulnerability CVE-2014-9365
Security Advisory Description The HTTP clients in the 1 httplib, 2 urllib, 3 urllib2, and 4 xmlrpclib libraries in CPython aka Python 2.x before 2.7.9 and 3.x before 3.4.3, when accessing an HTTPS URL, do not a check the certificate against a trust store or verify that the server hostname matches...
K08173228: Multiple Intel CPU vulnerabilities
Security Advisory Description CVE-2021-0091 Improper access control in the firmware for some IntelR Processors may allow an unauthenticated user to potentially enable an escalation of privilege via local access. CVE-2021-0092 Improper access control in the firmware for some IntelR Processors may...
K10420455: Python urllib and urllib2 library vulnerability CVE-2016-5699
Security Advisory Description CRLF injection vulnerability in the HTTPConnection.putheader function in urllib2 and urllib in CPython aka Python before 2.7.10 and 3.x before 3.4.4 allows remote attackers to inject arbitrary HTTP headers via CRLF sequences in a URL. CVE-2016-5699 Impact An attacker...
K32071141: Apache mod_http2 vulnerability CVE-2016-8740
Security Advisory Description The modhttp2 module in the Apache HTTP Server 2.4.17 through 2.4.23, when the Protocols configuration includes h2 or h2c, does not restrict request-header length, which allows remote attackers to cause a denial of service memory consumption via crafted CONTINUATION...
K39081000: Rsyslog vulnerability CVE-2019-17042
Security Advisory Description An issue was discovered in Rsyslog v8.1908.0. contrib/pmcisconames/pmcisconames.c has a heap overflow in the parser for Cisco log messages. The parser tries to locate a log message delimiter in this case, a space or a colon, but fails to account for strings that do n...
K25920352: Intel CPU SRBDS side-channel vulnerability CVE-2020-0543
Security Advisory Description Incomplete cleanup from specific special register read operations in some IntelR Processors may allow an authenticated user to potentially enable information disclosure via local access. CVE-2020-0543 Impact There is no impact; F5 products are not affected by this...
K21042398: PHP vulnerability CVE-2016-5769
Security Advisory Description Multiple integer overflows in mcrypt.c in the mcrypt extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 allow remote attackers to cause a denial of service heap-based buffer overflow and application crash or possibly have unspecified other impa...
K79531634: OpenSSL vulnerability CVE-2002-0655
Security Advisory Description OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, does not properly handle ASCII representations of integers on 64 bit platforms, which could allow attackers to cause a denial of service and possibly execute arbitrary code. CVE-2002-0655 Impact There is no...
K21921812: Quagga vulnerability CVE-2016-2342
Security Advisory Description The bgpnlriparsevpnv4 function in bgpmplsvpn.c in the VPNv4 NLRI parser in bgpd in Quagga before 1.0.20160309, when a certain VPNv4 configuration is used, relies on a Labeled-VPN SAFI routes-data length field during a data copy, which allows remote attackers to execu...
K79401162: Samba vulnerabilities CVE-2016-2111, CVE-2016-2113, and CVE-2016-2114
Security Advisory Description CVE-2016-2111 The NETLOGON service in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2, when a domain controller is configured, allows remote attackers to spoof the computer name of a secure channel's endpoint, and obtain sensitive session...
K000130509: Thunderbird vulnerability CVE-2021-43529
Security Advisory Description Thunderbird versions prior to 91.3.0 are vulnerable to the heap overflow described in CVE-2021-43527 when processing S/MIME messages. Thunderbird versions 91.3.0 and later will not call the vulnerable code when processing S/MIME messages that contain certificates wit...
K83430580: SAMBA vulnerability CVE-2022-42898
Security Advisory Description PAC parsing in MIT Kerberos 5 aka krb5 before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution in KDC, kadmind, or a GSS or Kerberos application server on 32-bit platforms which have a resultant heap-based buffer overflow,...
K23565223: Apache vulnerability CVE-2017-9788
Security Advisory Description In Apache httpd before 2.2.34 and 2.4.x before 2.4.27, the value placeholder in Proxy-Authorization headers of type 'Digest' was not initialized or reset before or between successive key=value assignments by modauthdigest. Providing an initial key with no '='...
SOL42204713 - Multiple MySQL vulnerabilities
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL42454663 - PHP vulnerability CVE-2015-8874
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL16913 - OpenSSL vulnerability CVE-2015-1789
For BIG-IP, BIG-IQ, and Enterprise Manager systems, the vulnerable code exists in the OpenSSL package; however, the code is not used in a way that would make an exploit possible. While BIG-IP v12.0.0 ships with an OpenSSL version prior to 1.0.1n, the libraries necessary to fix the issue were merg...
SOL15866 - Multiple PHP vulnerabilities CVE-2014-3668, CVE-2014-3669, and CVE-2014-3670
Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5 critical issue...
SOL15359 - OpenSSL vulnerability CVE-2009-1378
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents. SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL13108 - TCP Packet Filtering Weakness - CERT VU # 464113
This security advisory describes a TCP vulnerability. Various vendors' TCP/IP implementations handle packets containing unusual flag combinations in different ways, which may lead to a violation of implicit or explicit security policies. For example, an attacker may be able to bypass network acce...
SOL12253 - PHP vulnerability CVE-2010-2225
PHP vulnerability CVE-2010-2225 describes a use-after-free vulnerability in the SplObjectStorage unserializer in PHP 5.2.x and 5.3.x through 5.3.2. The vulnerability allows remote attackers to execute arbitrary code or obtain sensitive information by way of serialized data, related to the PHP...
SOL7923 - Cross-site scripting vulnerability in the logon page after enabling a pre-logon sequence - CVE-2007-6704
A cross-site scripting XSS vulnerability—CVE-2007-6704—exists in the FirePass logon page when a pre-logon sequence is enabled. The affected FirePass URL fails to fully sanitize URL input before the web page content is sent to the browser. It is possible for an attacker to create web pages,...
K000140882: OpenSSL vulnerability CVE-2024-5535
Security Advisory Description Issue summary: Calling the OpenSSL API function SSLselectnextproto with an empty supported client protocols buffer may cause a crash or memory contents to be sent to the peer. Impact summary: A buffer overread can have a range of potential consequences such as...
K000139643: Node-tar vulnerability CVE-2024-28863
Security Advisory Description node-tar is a Tar for Node.js. node-tar prior to version 6.2.1 has no limit on the number of sub-folders created in the folder creation process. An attacker who generates a large number of sub-folders can consume memory on the system running node-tar and even crash t...
K52494142: GNU C Library (glibc) vulnerability CVE-2016-10228
Security Advisory Description The iconv program in the GNU C Library aka glibc or libc6 2.31 and earlier, when invoked with multiple suffixes in the destination encoding TRANSLATE or IGNORE along with the -c option, enters an infinite loop when processing invalid multi-byte input sequences, leadi...
K06208063: Linux kernel vulnerability CVE-2018-1000004
Security Advisory Description In the Linux kernel 4.12, 3.10, 2.6 and possibly earlier versions a race condition vulnerability exists in the sound system, this can lead to a deadlock and denial of service condition. CVE-2018-1000004 Impact There is no impact; F5 products are not affected by this...
K25423748: QEMU vulnerability CVE-2019-14378
Security Advisory Description ipreass in ipinput.c in libslirp 4.0.0 has a heap-based buffer overflow via a large packet because it mishandles a case involving the first fragment. CVE-2019-14378 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Statu...
K31997425: tcpdump vulnerabilities CVE-2017-5482, CVE-2017-5483, CVE-2017-5484, CVE-2017-5485, and CVE-2017-5486
Security Advisory Description CVE-2017-5482 The Q.933 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:q933print, a different vulnerability than CVE-2016-8575. CVE-2017-5483 The SNMP parser in tcpdump before 4.9.0 has a buffer overflow in print-snmp.c:asn1parse. CVE-2017-5484 Th...
K15699: Linux kernel vulnerability CVE-2014-0131
Security Advisory Description Use-after-free vulnerability in the skbsegment function in net/core/skbuff.c in the Linux kernel through 3.13.6 allows attackers to obtain sensitive information from kernel memory by leveraging the absence of a certain orphaning operation. CVE-2014-0131 Impact...
K51201255: Linux kernel vulnerability CVE-2016-7117
Security Advisory Description Use-after-free vulnerability in the sysrecvmmsg function in net/socket.c in the Linux kernel before 4.5.2 allows remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing. CVE-2016-7117 Impact...
K62282045: Linux kernel vulnerability CVE-2021-38207
Security Advisory Description drivers/net/ethernet/xilinx/lltemacmain.c in the Linux kernel before 5.12.13 allows remote attackers to cause a denial of service buffer overflow and lockup by sending heavy network traffic for about ten minutes. CVE-2021-38207 Impact There is no impact; F5 products...
K21458044: Linux kernel vulnerability CVE-2020-10942
Security Advisory Description In the Linux kernel before 5.5.8, getrawsocket in drivers/vhost/net.c lacks validation of an skfamily field, which might allow attackers to trigger kernel stack corruption via crafted system calls. CVE-2020-10942 Impact There is no impact; F5 products are not affecte...
K45026834: Apache Tomcat vulnerability CVE-2020-13935
Security Advisory Description The payload length in a WebSocket frame was not correctly validated in Apache Tomcat 10.0.0-M1 to 10.0.0-M6, 9.0.0.M1 to 9.0.36, 8.5.0 to 8.5.56 and 7.0.27 to 7.0.104. Invalid payload lengths could trigger an infinite loop. Multiple requests with invalid payload...
K55545288: Linux kernel vulnerability CVE-2019-19046
Security Advisory Description DISPUTED A memory leak in the ipmibmcregister function in drivers/char/ipmi/ipmimsghandler.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service memory consumption by triggering idasimpleget failure, aka CID-4aa7afb0ee20. NOTE: third...
K07052904: PHP vulnerability CVE-2015-3307
Security Advisory Description The pharparsemetadata function in ext/phar/phar.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to cause a denial of service heap metadata corruption or possibly have unspecified other impact via a crafted tar archive...
K71436934: Apache httpd vulnerability CVE-2016-4979
Security Advisory Description The Apache HTTP Server 2.4.18 through 2.4.20, when modhttp2 and modssl are enabled, does not properly recognize the "SSLVerifyClient require" directive for HTTP/2 request authorization, which allows remote attackers to bypass intended access restrictions by leveragin...
K91024405: Java SE vulnerability CVE-2017-10115
Security Advisory Description Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: JCE. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows...
K15653: Multiple PHP vulnerabilities
Security Advisory Description Description Following are descriptions of various PHP gdImageCrop vulnerabilities: CVE-2013-7226 Integer overflow in the gdImageCrop function in ext/gd/gd.c in PHP 5.5.x before 5.5.9 allows remote attackers to cause a denial of service application crash or possibly...
K15568: OpenSSL vulnerability CVE-2014-3510
Security Advisory Description The ssl3sendclientkeyexchange function in s3clnt.c in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote DTLS servers to cause a denial of service NULL pointer dereference and client application crash via a crafted handshake...
K8939: SNMPv3 HMAC verification vulnerability CVE-2008-0960 - VU#878044
Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...
K8077: BIND 8 vulnerability CVE-2007-2930
Security Advisory Description Note : Versions that are not listed in this Solution have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the ...
K59591931: Drupal vulnerability CVE-2018-7602
Security Advisory Description A remote code execution vulnerability exists within multiple subsystems of Drupal 7.x and 8.x. This potentially allows attackers to exploit multiple attack vectors on a Drupal site, which could result in the site being compromised. This vulnerability is related to...
K37080719: NGINX Instance Manager vulnerability CVE-2022-35241
Security Advisory Description When NGINX Instance Manager is in use, undisclosed requests can cause an increase in disk resource utilization. CVE-2022-35241 Impact System performance can degrade until system inodes become free. This vulnerability allows a remote, authenticated attacker to cause a...