6401 matches found
K14229426: BIG-IP SSL vulnerability CVE-2022-29491
Security Advisory Description When a virtual server is configured with HTTP, TCP on one side client/server, and DTLS on the other server/client, undisclosed requests can cause the TMM process to terminate. CVE-2022-29491 Impact Traffic is disrupted while the TMM process restarts. This vulnerabili...
K34519550: Linux kernel vulnerability CVE-2021-27364
Security Advisory Description An issue was discovered in the Linux kernel through 5.11.3. drivers/scsi/scsitransportiscsi.c is adversely affected by the ability of an unprivileged user to craft Netlink messages. CVE-2021-27364 Impact An attacker may be able to exploit this vulnerability to...
K15934: NTP vulnerability CVE-2014-9293
Security Advisory Description The configauth function in ntpd in NTP before 4.2.7p11, when an auth key is not configured, improperly generates a key, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack. CVE-2014-9293 Impact Default NTP...
K17244: Linux kernel vulnerability CVE-2015-1593
Security Advisory Description The stack randomization feature in the Linux kernel before 3.19.1 on 64-bit platforms uses incorrect data types for the results of bitwise left-shift operations, which makes it easier for attackers to bypass the ASLR protection mechanism by predicting the address of...
K03564319: Linux kernel vulnerability CVE-2018-7566
Security Advisory Description The Linux kernel 4.15 has a Buffer Overflow via an SNDRVSEQIOCTLSETCLIENTPOOL ioctl write operation to /dev/snd/seq by a local user. CVE-2018-7566 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Product...
K11068141: Python vulnerability CVE-2014-9365
Security Advisory Description The HTTP clients in the 1 httplib, 2 urllib, 3 urllib2, and 4 xmlrpclib libraries in CPython aka Python 2.x before 2.7.9 and 3.x before 3.4.3, when accessing an HTTPS URL, do not a check the certificate against a trust store or verify that the server hostname matches...
K02566623: Overview of F5 vulnerabilities (March 2021)
Security Advisory Description On March 10th, 2021, F5 announced twenty-one 21 CVEs, including four Critical vulnerabilities. This document is intended to serve as an overview of these vulnerabilities to help determine the impact on your F5 devices. The details of each issue can be found in the...
K39081000: Rsyslog vulnerability CVE-2019-17042
Security Advisory Description An issue was discovered in Rsyslog v8.1908.0. contrib/pmcisconames/pmcisconames.c has a heap overflow in the parser for Cisco log messages. The parser tries to locate a log message delimiter in this case, a space or a colon, but fails to account for strings that do n...
K15104541: Expat XML library vulnerability CVE-2015-1283
Security Advisory Description Multiple integer overflows in the XMLGetBuffer function in Expat through 2.1.0, as used in Google Chrome before 44.0.2403.89 and other products, allow remote attackers to cause a denial of service heap-based buffer overflow or possibly have unspecified other impact v...
K79531634: OpenSSL vulnerability CVE-2002-0655
Security Advisory Description OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, does not properly handle ASCII representations of integers on 64 bit platforms, which could allow attackers to cause a denial of service and possibly execute arbitrary code. CVE-2002-0655 Impact There is no...
K27673650: Linux kernel vulnerability CVE-2018-17972
Security Advisory Description An issue was discovered in the procpidstack function in fs/proc/base.c in the Linux kernel through 4.18.11. It does not ensure that only root may inspect the kernel stack of an arbitrary task, allowing a local attacker to exploit racy stack unwinding and leak kernel...
K21921812: Quagga vulnerability CVE-2016-2342
Security Advisory Description The bgpnlriparsevpnv4 function in bgpmplsvpn.c in the VPNv4 NLRI parser in bgpd in Quagga before 1.0.20160309, when a certain VPNv4 configuration is used, relies on a Labeled-VPN SAFI routes-data length field during a data copy, which allows remote attackers to execu...
K79401162: Samba vulnerabilities CVE-2016-2111, CVE-2016-2113, and CVE-2016-2114
Security Advisory Description CVE-2016-2111 The NETLOGON service in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2, when a domain controller is configured, allows remote attackers to spoof the computer name of a secure channel's endpoint, and obtain sensitive session...
K000130509: Thunderbird vulnerability CVE-2021-43529
Security Advisory Description Thunderbird versions prior to 91.3.0 are vulnerable to the heap overflow described in CVE-2021-43527 when processing S/MIME messages. Thunderbird versions 91.3.0 and later will not call the vulnerable code when processing S/MIME messages that contain certificates wit...
K82793463: BIG-IP MRF Diameter vulnerability CVE-2022-23019
Security Advisory Description When a message routing type virtual server is configured with both Diameter Session and Router Profiles, undisclosed traffic can cause an increase in memory resource utilization. CVE-2022-23019 Impact System performance can degrade until the process is either forced ...
K23565223: Apache vulnerability CVE-2017-9788
Security Advisory Description In Apache httpd before 2.2.34 and 2.4.x before 2.4.27, the value placeholder in Proxy-Authorization headers of type 'Digest' was not initialized or reset before or between successive key=value assignments by modauthdigest. Providing an initial key with no '='...
SOL22232964 - Expat XML library vulnerability CVE-2016-4472
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL20219314 - OpenSSL vulnerability CVE-2015-1794
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL17503 - PHP vulnerabilities CVE-2015-7803 and CVE-2015-7804
Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5 critical issue...
SOL17326 - Linux kernel vulnerability CVE-2015-5157
Recommended Action If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are currently...
SOL17125 - Multiple Java vulnerabilities
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL16913 - OpenSSL vulnerability CVE-2015-1789
For BIG-IP, BIG-IQ, and Enterprise Manager systems, the vulnerable code exists in the OpenSSL package; however, the code is not used in a way that would make an exploit possible. While BIG-IP v12.0.0 ships with an OpenSSL version prior to 1.0.1n, the libraries necessary to fix the issue were merg...
SOL16126 - OpenSSL vulnerability CVE-2014-3572
Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version...
SOL15866 - Multiple PHP vulnerabilities CVE-2014-3668, CVE-2014-3669, and CVE-2014-3670
Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5 critical issue...
SOL15571 - OpenSSL vulnerability CVE-2014-3508
Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version...
SOL15236 - ConfigSync IP Rsync full file system access vulnerability CVE-2014-2927
Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the table does not list any version in the column, then no upgrade candidate currently exists. To mitigate this...
SOL10905 - NTP vulnerability - CVE-2009-3563
F5 Product Development has determined that these BIG-IP and Enterprise Manager versions use a vulnerable version of NTP. However, the vulnerable code is not used by default on these BIG-IP or Enterprise Manager systems. These products are only vulnerable if NTP was manually configured and enabled...
K000139898: PyYAML vulnerabilities CVE-2020-1747 and CVE-2020-14343
Security Advisory Description CVE-2020-1747 A vulnerability was discovered in the PyYAML library in versions before 5.3.1, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the fullload method or with the FullLoader loader. Applications that use th...
K000139668: MySQL Server vulnerabilities CVE-2024-21000 and CVE-2024-21008
Security Advisory Description CVE-2024-21000 Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Security: Privileges. Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with...
K000139618: MySQL vulnerabilities CVE-2024-21054, CVE-2024-21009, CVE-2024-20993, and CVE-2024-21102
Security Advisory Description CVE-2024-21054 Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access...
K05617914: Linux kernel vulnerability CVE-2020-10757
Security Advisory Description A flaw was found in the Linux Kernel in versions after 4.5-rc1 in the way mremap handled DAX Huge Pages. This flaw allows a local attacker with access to a DAX enabled storage to escalate their privileges on the system. CVE-2020-10757 Impact There is no impact; F5...
K52494142: GNU C Library (glibc) vulnerability CVE-2016-10228
Security Advisory Description The iconv program in the GNU C Library aka glibc or libc6 2.31 and earlier, when invoked with multiple suffixes in the destination encoding TRANSLATE or IGNORE along with the -c option, enters an infinite loop when processing invalid multi-byte input sequences, leadi...
K10429441: Linux kernel vulnerability CVE-2020-14331
Security Advisory Description A flaw was found in the Linux kernels implementation of the invert video code on VGA consoles when a local attacker attempts to resize the console, calling an ioctl VTRESIZE, which causes an out-of-bounds write to occur. This flaw allows a local user with access to t...
K31997425: tcpdump vulnerabilities CVE-2017-5482, CVE-2017-5483, CVE-2017-5484, CVE-2017-5485, and CVE-2017-5486
Security Advisory Description CVE-2017-5482 The Q.933 parser in tcpdump before 4.9.0 has a buffer overflow in print-fr.c:q933print, a different vulnerability than CVE-2016-8575. CVE-2017-5483 The SNMP parser in tcpdump before 4.9.0 has a buffer overflow in print-snmp.c:asn1parse. CVE-2017-5484 Th...
K95453343: Multiple Java vulnerabilities CVE-2020-2601, CVE-2020-2604, CVE-2020-2654
Security Advisory Description CVE-2020-2601 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Security. Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows...
K55053009: Oracle Java SE JAXP vulnerability CVE-2020-14621
Security Advisory Description Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: JAXP. Supported versions that are affected are Java SE: 7u261, 8u251, 11.0.7 and 14.0.1; Java SE Embedded: 8u251. Easily exploitable vulnerability allows unauthenticated attacker with...
K16489: Linux kernel security vulnerabilities CVE-2010-3848, CVE-2010-3849, and CVE-2010-3850
Security Advisory Description CVE-2010-3848 Stack-based buffer overflow in the econetsendmsg function in net/econet/afeconet.c in the Linux kernel before 2.6.36.2, when an econet address is configured, allows local users to gain privileges by providing a large number of iovec structures...
K71436934: Apache httpd vulnerability CVE-2016-4979
Security Advisory Description The Apache HTTP Server 2.4.18 through 2.4.20, when modhttp2 and modssl are enabled, does not properly recognize the "SSLVerifyClient require" directive for HTTP/2 request authorization, which allows remote attackers to bypass intended access restrictions by leveragin...
K95698826: LZO vulnerability CVE-2014-4607
Security Advisory Description An integer overflow flaw was found in the way the lzo library decompressed certain archives compressed with the LZO algorithm. An attacker could create a specially crafted LZO-compressed input that, when decompressed by an application using the lzo library, would cau...
K15568: OpenSSL vulnerability CVE-2014-3510
Security Advisory Description The ssl3sendclientkeyexchange function in s3clnt.c in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote DTLS servers to cause a denial of service NULL pointer dereference and client application crash via a crafted handshake...
K60570139: Rowhammer hardware vulnerability CVE-2020-10255
Security Advisory Description Modern DRAM chips DDR4 and LPDDR4 after 2015 are affected by a vulnerability in deployment of internal mitigations against RowHammer attacks known as Target Row Refresh TRR, aka the TRRespass issue. To exploit this vulnerability, the attacker needs to create certain...
K59591931: Drupal vulnerability CVE-2018-7602
Security Advisory Description A remote code execution vulnerability exists within multiple subsystems of Drupal 7.x and 8.x. This potentially allows attackers to exploit multiple attack vectors on a Drupal site, which could result in the site being compromised. This vulnerability is related to...
K50315101: Linux kernel vulnerability CVE-2019-14898
Security Advisory Description The fix for CVE-2019-11599, affecting the Linux kernel before 5.0.10 was not complete. A local user could use this flaw to obtain sensitive information, cause a denial of service, or possibly have other unspecified impacts by triggering a race condition with...
K54501561: Apple Mac OS X Wiki Server vulnerability CVE-2008-1579
Security Advisory Description Wiki Server in Apple Mac OS X 10.5 before 10.5.3 allows remote attackers to obtain sensitive information user names by reading the error message produced upon access to a nonexistent blog. CVE-2008-1579 Impact There is no impact; F5 products are not affected by this...
K38893457: BIG-IP DNS TMUI vulnerability CVE-2022-33947
Security Advisory Description A vulnerability exists in undisclosed pages of the BIG-IP DNS Traffic Management User Interface TMUI that allows an authenticated attacker with at least operator role privileges to cause the Tomcat process to restart and perform unauthorized DNS requests and operatio...
K00245734: INTEL-SA-00204 - Intel PROSet/Wireless WiFi Software vulnerability CVE-2018-3701
Security Advisory Description Improper directory permissions in the installer for IntelR PROSet/Wireless WiFi Software version 20.100 and earlier may allow an authenticated user to potentially enable escalation of privilege via local access. CVE-2018-3701 Impact There is no impact; F5 products ar...
K33606035: OpenJDK vulnerability CVE-2020-14792
Security Advisory Description Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Hotspot. Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker wit...
K75521003: FreeBSD SACK Slowness vulnerability CVE-2019-5599
Security Advisory Description In FreeBSD 12.0-STABLE before r349197 and 12.0-RELEASE before 12.0-RELEASE-p6, a bug in the non-default RACK TCP stack can allow an attacker to cause several linked lists to grow unbounded and cause an expensive list traversal on every packet being processed, leading...
K41242221: QEMU vulnerability CVE-2017-2615
Security Advisory Description Quick emulator QEMU built with the Cirrus CLGD 54xx VGA emulator support is vulnerable to an out-of-bounds access issue. It could occur while copying VGA data via bitblt copy in backward mode. A privileged user inside a guest could use this flaw to crash the QEMU...
K63326092: NTP vulnerability CVE-2016-7434
Security Advisory Description The readmrulist function in NTP before 4.2.8p9 allows remote attackers to cause a denial of service crash via a crafted mrulist query. CVE-2016-7434 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Product...