6413 matches found
K16879: Apache Portable Runtime vulnerability CVE-2011-1928
Security Advisory Description Description The fnmatch implementation in aprfnmatch.c in the Apache Portable Runtime APR library 1.4.3 and 1.4.4, and the Apache HTTP Server 2.2.18, allows remote attackers to cause a denial of service infinite loop via a URI that does not match unspecified types of...
K48802597: Java vulnerabilities CVE-2013-5825 and CVE-2013-5830
Security Advisory Description CVE-2013-5825 Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect...
K50118123: Java vulnerabilities CVE-2016-0466 and CVE-2016-0483
Security Advisory Description CVE-2016-0466 Unspecified vulnerability in the Java SE, Java SE Embedded, and JRockit components in Oracle Java SE 6u105, 7u91, and 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows remote attackers to affect availability via vectors related to JAXP...
K11353642: Linux kernel vulnerability CVE-2013-2596
Security Advisory Description Integer overflow in the fbmmap function in drivers/video/fbmem.c in the Linux kernel before 3.8.9, as used in a certain Motorola build of Android 4.1.2 and other products, allows local users to create a read-write memory mapping for the entirety of kernel memory, and...
K14371: Apache Axis vulnerability CVE-2012-5784
Security Advisory Description Apache Axis 1.4 and earlier, as used in PayPal Payments Pro, PayPal Mass Pay, PayPal Transactional Information SOAP, the Java Message Service implementation in Apache ActiveMQ, and other products, does not verify that the server hostname matches a domain name in the...
K15866: Multiple PHP vulnerabilities CVE-2014-3668, CVE-2014-3669, and CVE-2014-3670
Security Advisory Description CVE-2014-3668 Buffer overflow in the datefromISO8601 function in the mkgmtime implementation in libxmlrpc/xmlrpc.c in the XMLRPC extension in PHP before 5.4.34, 5.5.x before 5.5.18, and 5.6.x before 5.6.2 allows remote attackers to cause a denial of service applicati...
K44551633: Multiple tcpdump vulnerabilities
Security Advisory Description CVE-2018-14881 The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgpcapabilitiesprint BGPCAPCODERESTART. CVE-2018-14882 The ICMPv6 parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp6.c. CVE-2018-16227 The IEEE 802.11 parser...
K60742457: Linux kernel vulnerability CVE-2015-8374
Security Advisory Description fs/btrfs/inode.c in the Linux kernel before 4.3.3 mishandles compressed inline extents, which allows local users to obtain sensitive pre-truncation information from a file via a clone action. CVE-2015-8374 Impact A local user may be able to obtain sensitive informati...
K14652952: yurex USB driver vulnerability CVE-2018-16276
Security Advisory Description An issue was discovered in yurexread in drivers/usb/misc/yurex.c in the Linux kernel before 4.17.7. Local attackers could use user access read/writes with incorrect bounds checking in the yurex USB driver to crash the kernel or potentially escalate privileges...
SOL15479471 - Mozilla NSS vulnerability CVE-2016-2834
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL43449212 - PHP vulnerability CVE-2016-5096
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL55181425 - Wget vulnerability CVE-2016-4971
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL37024017 - Apache Struts 2 vulnerability CVE-2016-3087
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL53316849 - Java vulnerability CVE-2013-5802
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL61570943 - libXML2 vulnerabilities CVE-2015-7941 and CVE-2015-7942
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL98102572 - Linux kernel vulnerability CVE-2015-7990
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL62700573 - Linux kernel vulnerabilities CVE-2010-5313 and CVE-2014-7842
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL17454 - OpenSSL vulnerabilities CVE-2005-2946, CVE-2008-0891, and CVE-2012-2131
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL17202 - Apache HTTP server vulnerability CVE-2012-3502
Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL995...
SOL17061 - Multiple PHP vulnerabilities
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL15984 - Linux kernel vulnerability CVE-2013-7265
Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version...
SOL15908 - Linux kernel mac80211 vulnerability CVE-2014-8709
Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5 critical issue...
SOL15573 - OpenSSL DTLS vulnerabilities CVE-2014-3505, CVE-2014-3506, and CVE-2014-3507
1 If you are planning to upgrade to BIG-IP APM 11.5.1 HF6 to mitigate this issue, you should instead upgrade to 11.5.1 HF7 to avoid an issue specific to BIG-IP APM. For more information, refer to SOL15914: The tmm process may restart and produce a core file after BIG-IP APM systems are upgraded. ...
SOL15512 - LZO decompressor vulnerability CVE-2014-4608
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents. SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL15319 - Linux kernel TTY vulnerability CVE-2014-0196
The nttywrite function in drivers/tty/ntty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the "LECHO & !OPOST" case, which allows local users to cause a denial of service memory corruption and system crash or gain privileges by triggering a race condition...
SOL15147 - OpenSSL vulnerability CVE-2013-6449
Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version...
SOL2617 - Reverse name resolution vulnerability in SSH - CVE-2003-0386
OpenSSH 3.6.1 and earlier, when restricting host access by numeric IP addresses and with VerifyReverseMapping disabled, allows remote attackers to bypass "from=" and "user@host" address restrictions by connecting to a host from a system whose reverse DNS hostname contains the numeric IP address...
K000148809: Qt vulnerabilities CVE-2023-38197 and CVE-2023-37369
Security Advisory Description CVE-2023-38197 An issue was discovered in Qt before 5.15.15, 6.x before 6.2.10, and 6.3.x through 6.5.x before 6.5.3. There are infinite loops in recursive entity expansion. CVE-2023-37369 In Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.2,...
K000141127: Multiple FreeType vulnerabilities
Security Advisory Description CVE-2014-9668 The woffopenfont function in sfnt/sfobjs.c in FreeType before 2.5.4 proceeds with offset+length calculations without restricting length values, which allows remote attackers to cause a denial of service integer overflow and heap-based buffer overflow or...
K000140040: OpenLDAP slapd vulnerabilities CVE-2020-36230, CVE-2020-36229, CVE-2017-17740, CVE-2017-9287, and CVE-2017-14159
Security Advisory Description CVE-2020-36230 A flaw was discovered in OpenLDAP before 2.4.57 leading in an assertion failure in slapd in the X.509 DN parsing in decode.c bernextelement, resulting in denial of service. CVE-2020-36229 A flaw was discovered in ldapX509dn2bv in OpenLDAP before 2.4.57...
K000138650: cURL vulnerability CVE-2023-46218
Security Advisory Description This flaw allows a malicious HTTP server to set "super cookies" in curl that are then passed back to more origins than what is otherwise allowed or possible. This allows a site to set cookies that then would get sent to different and unrelated sites and domains. It...
K000137926: Apache Tomcat vulnerability CVE-2023-46589
Security Advisory Description Improper Input Validation vulnerability in Apache Tomcat.Tomcat from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.1.15, from 9.0.0-M1 through 9.0.82 and from 8.5.0 through 8.5.95 did not correctly parse HTTP trailer headers. A trailer header that exceeded...
K000137864: Squid vulnerabilities CVE-2023-46846, CVE-2023-46847, CVE-2023-46848
Security Advisory Description CVE-2023-46846 SQUID is vulnerable to HTTP request smuggling, caused by chunked decoder lenience, allows a remote attacker to perform Request/Response smuggling past firewall and frontend security systems. CVE-2023-46847 Squid is vulnerable to a Denial of Service,...
K000137325: Apache httpd vulnerability CVE-2023-43622
Security Advisory Description An attacker, opening a HTTP/2 connection with an initial window size of 0, was able to block handling of that connection indefinitely in Apache HTTP Server. This could be used to exhaust worker resources in the server, similar to the well known "slow loris" attack...
K000135206: Linux kernel vulnerability CVE-2023-32233
Security Advisory Description In the Linux kernel through 6.3.1, a use-after-free in Netfilter nftables when processing batch requests can be abused to perform arbitrary read and write operations on kernel memory. Unprivileged local users can obtain root privileges. This occurs because anonymous...
K14919: Socat vulnerabilities CVE-2010-2799, CVE-2012-0219, and CVE-2013-3571
Security Advisory Description CVE-2010-2799 Stack-based buffer overflow in the nestlex function in nestlex.c in Socat 1.5.0.0 through 1.7.1.2 and 2.0.0-b1 through 2.0.0-b3, when bidirectional data relay is enabled, allows context-dependent attackers to execute arbitrary code via long command-line...
K44104514: Apache Storm vulnerability CVE-2021-40865
Security Advisory Description An Unsafe Deserialization vulnerability exists in the worker services of the Apache Storm supervisor server allowing pre-auth Remote Code Execution RCE. Apache Storm 2.2.x users should upgrade to version 2.2.1 or 2.3.0. Apache Storm 2.1.x users should upgrade to...
K17124: Linux kernel vulnerability CVE-2015-1465
Security Advisory Description The IPv4 implementation in the Linux kernel before 3.18.8 does not properly consider the length of the Read-Copy Update RCU grace period for redirecting lookups in the absence of caching, which allows remote attackers to cause a denial of service memory consumption o...
K87920510: BIG-IP mcpd vulnerability CVE-2019-6647
Security Advisory Description When processing authentication attempts for control-plane users, mcpd leaks a small amount of memory. Under rare conditions, attackers with access to the management interface can eventually deplete memory on the system. CVE-2019-6647 Impact Repeated failed...
K44482551: Intel I210 network adapter vulnerability CVE-2020-0525
Security Advisory Description Improper access control in firmware for the IntelR Ethernet I210 Controller series of network adapters before version 3.30 may allow a privileged user to potentially enable denial of service via local access. CVE-2020-0525 Impact The BIG-IP management network port us...
K15512: LZO decompressor vulnerability CVE-2014-4608
Security Advisory Description DISPUTED Multiple integer overflows in the lzo1xdecompresssafe function in lib/lzo/lzo1xdecompresssafe.c in the LZO decompressor in the Linux kernel before 3.15.2 allow context-dependent attackers to cause a denial of service memory corruption via a crafted Literal...
K15516: LZ4 compression vulnerability CVE-2014-4715
Security Advisory Description Yann Collet LZ4 before r119, when used on certain 32-bit platforms that allocate memory beyond 0x80000000, does not properly detect integer overflows, which allows context-dependent attackers to cause a denial of service memory corruption or possibly have unspecified...
K17270: OpenSSH vulnerability CVE-2015-6565
Security Advisory Description sshd in OpenSSH 6.8 and 6.9 uses world-writable permissions for TTY devices, which allows local users to cause a denial of service terminal disruption or possibly have unspecified other impact by writing to a device, as demonstrated by writing an escape sequence...
K16136: OpenSSL vulnerability CVE-2014-8275
Security Advisory Description OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k does not enforce certain constraints on certificate data, which allows remote attackers to defeat a fingerprint-based certificate-blacklist protection mechanism by including crafted data within a...
K30215094: Ruby vulnerability CVE-2016-7798
Security Advisory Description The openssl gem for Ruby uses the same initialization vector IV in GCM Mode aes--gcm when the IV is set before the key, which makes it easier for context-dependent attackers to bypass the encryption protection mechanism. CVE-2016-7798 Impact There is no impact; F5...
K44603900: BIG-IP Configuration utility vulnerability CVE-2019-6598
Security Advisory Description Malformed requests to the Traffic Management User Interface TMUI, also referred to as the BIG-IP Configuration utility, may lead to disruption of TMUI services. This attack requires an authenticated user with any role other than the No Access role. The No Access user...
K50839343: NGINX ModSecurity WAF vulnerability CVE-2021-42717
Security Advisory Description ModSecurity 3.x through 3.0.5 mishandles excessively nested JSON objects. Crafted JSON objects with nesting tens-of-thousands deep could result in the web server being unable to service legitimate requests. Even a moderately large e.g., 300KB HTTP request can occupy...
K15319: Linux kernel TTY vulnerability CVE-2014-0196
Security Advisory Description The nttywrite function in drivers/tty/ntty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the "LECHO & !OPOST" case, which allows local users to cause a denial of service memory corruption and system crash or gain privileges by...
K15747621: Linux kernel vulnerability CVE-2020-28374
Security Advisory Description In drivers/target/targetcorexcopy.c in the Linux kernel before 5.10.7, insufficient identifier checking in the LIO SCSI target code can be used by remote attackers to read or write files via directory traversal in an XCOPY request, aka CID-2896c93811e3. For example, ...
K17462: Linux kernel vulnerability CVE-2015-2830
Security Advisory Description arch/x86/kernel/entry64.S in the Linux kernel before 3.19.2 does not prevent the TSCOMPAT flag from reaching a user-mode task, which might allow local users to bypass the seccomp or audit protection mechanism via a crafted application that uses the 1 fork or 2 close...