6294 matches found
K22012502: Linux kernel vulnerability CVE-2017-7273
Security Advisory Description The cpreportfixup function in drivers/hid/hid-cypress.c in the Linux kernel 4.x before 4.9.4 allows physically proximate attackers to cause a denial of service integer underflow or possibly have unspecified other impact via a crafted HID report. CVE-2017-7273 Impact...
K75885190: MariaDB vulnerability CVE-2020-15180
Security Advisory Description A flaw was found in the mysql-wsrep component of mariadb. Lack of input sanitization in wsrepsstmethod allows for command injection that can be exploited by a remote attacker to execute arbitrary commands on galera cluster nodes. This threatens the system's...
K36302720: Apache Tomcat vulnerability CVE-2016-6797
Security Advisory Description The ResourceLinkFactory implementation in Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 did not limit web application access to global JNDI resources to those resources explicitly linked to the web...
K17518: NTP vulnerability CVE-2015-7871
Security Advisory Description Crypto-NAK packets in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to bypass authentication. CVE-2015-7871 Impact An unauthenticated remote attacker may force ntpd processes on targeted servers to peer with time sources of the...
K10396196: Linux RPM vulnerability CVE-2021-20271
Security Advisory Description A flaw was found in RPM's signature check functionality when reading a package file. This flaw allows an attacker who can convince a victim to install a seemingly verifiable package, whose signature header was modified, to cause RPM database corruption and execute...
K73464925: Multiple Java vulnerabilities CVE-2021-35588, CVE-2021-35603, CVE-2021-35565, CVE-2021-35578
Security Advisory Description CVE-2021-35588 Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Java SE: 7u311, 8u301; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Difficult to exploit...
K37256400: Linux kernel vulnerability CVE-2021-4028
Security Advisory Description A flaw in the Linux kernel's implementation of RDMA communications manager listener code allowed an attacker with local access to setup a socket to listen on a high port allowing for a list element to be used after free. Given the ability to execute code, a local...
K32805465: Linux kernel Vulnerability CVE-2021-3483
Security Advisory Description A flaw was found in the Nosy driver in the Linux kernel. This issue allows a device to be inserted twice into a doubly-linked list, leading to a use-after-free when one of these devices is removed. The highest threat from this vulnerability is to confidentiality,...
K03521623: Linux kernel vulnerability CVE-2017-7541
Security Advisory Description The brcmfcfg80211mgmttx function in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux kernel before 4.12.3 allows local users to cause a denial of service buffer overflow and system crash or possibly gain privileges via a crafted NL80211CMDFRAM...
K49905324: BIG-IP TMUI CSRF vulnerability CVE-2022-1389
Security Advisory Description A cross-site request forgery CSRF vulnerability exists in an undisclosed page of the BIG-IP Configuration utility. This vulnerability allows an attacker to run a limited set of commands: ping, traceroute, and WOM diagnostics. CVE-2022-1389 Impact An attacker may...
K03007515: Linux kernel vulnerabilities CVE-2018-7755 and CVE-2019-14283
Security Advisory Description CVE-2018-7755 An issue was discovered in the fdlockedioctl function in drivers/block/floppy.c in the Linux kernel through 4.15.7. The floppy driver will copy a kernel pointer to user memory in response to the FDGETPRM ioctl. An attacker can send the FDGETPRM ioctl an...
K51813353: Linux Kernel vulnerability CVE-2019-9506
Security Advisory Description The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks aka "KNOB" that can decrypt traff...
K06044762: systemd vulnerabilities CVE-2018-16864 and CVE-2018-16865
Security Advisory Description CVE-2018-16864 An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when a program with long command line arguments calls syslog. A local attacker may use this flaw to crash...
K72430453: PostgreSQL vulnerability CVE-2020-25696
Security Advisory Description A flaw was found in the psql interactive terminal of PostgreSQL in versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. If an interactive psql session uses \gset when querying a compromised server, the attacker can execute...
K48802597: Java vulnerabilities CVE-2013-5825 and CVE-2013-5830
Security Advisory Description CVE-2013-5825 Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect...
K17115: Multiple MySQL vulnerabilities
Security Advisory Description CVE-2015-0405 Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to XA. CVE-2015-0423 Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remo...
K82793463: BIG-IP MRF Diameter vulnerability CVE-2022-23019
Security Advisory Description When a message routing type virtual server is configured with both Diameter Session and Router Profiles, undisclosed traffic can cause an increase in memory resource utilization. CVE-2022-23019 Impact System performance can degrade until the process is either forced ...
SOL32049025 - BIND vulnerability CVE-2016-6170
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL54225343 - libxml2 vulnerabilities CVE-2016-3627 and CVE-2016-3705
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL37024017 - Apache Struts 2 vulnerability CVE-2016-3087
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL23230229 - OpenSSL vulnerability CVE-2016-2109
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL98102572 - Linux kernel vulnerability CVE-2015-7990
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL75136237 - Privilege escalation vulnerability CVE-2015-7393
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL17202 - Apache HTTP server vulnerability CVE-2012-3502
Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL995...
SOL16826 - PHP vulnerability CVE-2015-4024
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL16302 - OpenSSL vulnerability CVE-2015-0292
Integer underflow in the EVPDecodeUpdate function in crypto/evp/encode.c in the base64-decoding implementation in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h allows remote attackers to cause a denial of service memory corruption or possibly have unspecified other impact v...
SOL15663 - MD2 Message-Digest Algorithm vulnerability CVE-2009-2409
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL15561 - Kerberos vulnerability CVE-2014-4344
Vulnerability Recommended Actions You can eliminate this vulnerability by running a version listed in the Versions known to be not vulnerable column in the above tables. If the Versions known to be not vulnerable column does not list a version that is higher than the version you are running, then...
SOL15147 - OpenSSL vulnerability CVE-2013-6449
Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version...
SOL15152 - Ruby vulnerability CVE-2013-4164
Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5 critical issue...
SOL2888 - DNS cache poisoning vulnerability CVE-2003-0914
Information about this advisory is available at the following location: Note: This link takes you to a resource outside of AskF5, and it is possible that the information may be removed without our knowledge...
K000141127: Multiple FreeType vulnerabilities
Security Advisory Description CVE-2014-9668 The woffopenfont function in sfnt/sfobjs.c in FreeType before 2.5.4 proceeds with offset+length calculations without restricting length values, which allows remote attackers to cause a denial of service integer overflow and heap-based buffer overflow or...
K000140711: Python urllib3 vulnerability CVE-2024-37891
Security Advisory Description urllib3 is a user-friendly HTTP client library for Python. When using urllib3's proxy support with ProxyManager, the Proxy-Authorization header is only sent to the configured proxy, as expected. However, when sending HTTP requests without using urllib3's proxy suppor...
K000140040: OpenLDAP slapd vulnerabilities CVE-2020-36230, CVE-2020-36229, CVE-2017-17740, CVE-2017-9287, and CVE-2017-14159
Security Advisory Description CVE-2020-36230 A flaw was discovered in OpenLDAP before 2.4.57 leading in an assertion failure in slapd in the X.509 DN parsing in decode.c bernextelement, resulting in denial of service. CVE-2020-36229 A flaw was discovered in ldapX509dn2bv in OpenLDAP before 2.4.57...
K000138850: OpenJDK vulnerabilities CVE-2024-20918, CVE-2024-20925, CVE-2024-20945, CVE-2024-20952, and CVE-2024-20955
Security Advisory Description CVE-2024-20918 Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u391, 8u391-perf, 11.0.21, 17.0.9, 21.0.1; Oracle...
K000137926: Apache Tomcat vulnerability CVE-2023-46589
Security Advisory Description Improper Input Validation vulnerability in Apache Tomcat.Tomcat from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.1.15, from 9.0.0-M1 through 9.0.82 and from 8.5.0 through 8.5.95 did not correctly parse HTTP trailer headers. A trailer header that exceeded...
K42219132: OpenSSL vulnerability CVE-2016-6309
Security Advisory Description statem/statem.c in OpenSSL 1.1.0a does not consider memory-block movement after a realloc call, which allows remote attackers to cause a denial of service use-after-free or possibly execute arbitrary code via a crafted TLS session. CVE-2016-6309 Impact There is no...
K35205264: Linux kernel vulnerability CVE-2018-10938
Security Advisory Description A flaw was found in the Linux kernel present since v4.0-rc1 and through v4.13-rc4. A crafted network packet sent remotely by an attacker may force the kernel to enter an infinite loop in the cipsov4optptr function in net/ipv4/cipsoipv4.c leading to a denial-of-servic...
K82570157: NTP vulnerability CVE-2018-7170
Security Advisory Description ntpd in ntp 4.2.x before 4.2.8p7 and 4.3.x before 4.3.92 allows authenticated users that know the private symmetric key to create arbitrarily-many ephemeral associations in order to win the clock selection of ntpd and modify a victim's clock via a Sybil attack. This...
K15745: Multiple Oracle Java vulnerabilities
Security Advisory Description CVE-2014-6513 Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. CVE-2014-6532 Unspecified vulnerability in Oracle Jav...
K11830089: BIG-IP Advanced WAF and ASM iControl REST vulnerability CVE-2022-41617
Security Advisory Description When the F5 BIG-IP Advanced WAF or BIG-IP ASM module is provisioned, an authenticated remote code execution vulnerability exists in the BIG-IP iControl REST interface. CVE-2022-41617 Impact On systems deployed in Standard or Appliance mode, this vulnerability may all...
K21121402: PHP vulnerability CVE-2020-7062
Security Advisory Description In PHP versions 7.2.x below 7.2.28, 7.3.x below 7.3.15 and 7.4.x below 7.4.3, when using file upload functionality, if upload progress tracking is enabled, but session.uploadprogress.cleanup is set to 0 disabled, and the file upload fails, the upload procedure would...
K52171694: OpenSSL vulnerability CVE-2021-3450
Security Advisory Description The X509VFLAGX509STRICT flag enables additional security checks of the certificates present in a certificate chain. It is not set by default. Starting from OpenSSL version 1.1.1h a check to disallow certificates in the chain that have explicitly encoded elliptic curv...
K44482551: Intel I210 network adapter vulnerability CVE-2020-0525
Security Advisory Description Improper access control in firmware for the IntelR Ethernet I210 Controller series of network adapters before version 3.30 may allow a privileged user to potentially enable denial of service via local access. CVE-2020-0525 Impact The BIG-IP management network port us...
K16489: Linux kernel security vulnerabilities CVE-2010-3848, CVE-2010-3849, and CVE-2010-3850
Security Advisory Description CVE-2010-3848 Stack-based buffer overflow in the econetsendmsg function in net/econet/afeconet.c in the Linux kernel before 2.6.36.2, when an econet address is configured, allows local users to gain privileges by providing a large number of iovec structures...
K56480726: Linux kernel vulnerability CVE-2019-8980
Security Advisory Description A memory leak in the kernelreadfile function in fs/exec.c in the Linux kernel through 4.20.11 allows attackers to cause a denial of service memory consumption by triggering vfsread failures. CVE-2019-8980 Impact There is no impact; F5 products are not affected by thi...
K15630: TLS in Mozilla NSS vulnerability CVE-2013-1620
Security Advisory Description The TLS implementation in Mozilla Network Security Services NSS does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attack...
K15516: LZ4 compression vulnerability CVE-2014-4715
Security Advisory Description Yann Collet LZ4 before r119, when used on certain 32-bit platforms that allocate memory beyond 0x80000000, does not properly detect integer overflows, which allows context-dependent attackers to cause a denial of service memory corruption or possibly have unspecified...
K17326: Linux kernel vulnerability CVE-2015-5157
Security Advisory Description arch/x86/entry/entry64.S in the Linux kernel before 4.1.6 on the x8664 platform mishandles IRET faults in processing NMIs that occurred during userspace execution, which might allow local users to gain privileges by triggering an NMI. CVE-2015-5157 Impact A locally...
K47098834: glibc vulnerability CVE-2015-7547
Security Advisory Description Multiple stack-based buffer overflows in the 1 senddg and 2 sendvc functions in the libresolv library in the GNU C Library aka glibc or libc6 before 2.23 allow remote attackers to cause a denial of service crash or possibly execute arbitrary code via a crafted DNS...