Lucene search
K

6402 matches found

F5 Networks
F5 Networks
•added 2023/02/21 6:52 p.m.•55 views

K82034427: BIG-IP FTP profile vulnerability CVE-2022-26130

Security Advisory Description When an Active mode-enabled FTP profile is configured on a virtual server, undisclosed traffic can cause the virtual server to stop processing active FTP data channel connections. CVE-2022-26130 Impact Traffic is disrupted for active FTP data channel connections. Thi...

5.3CVSS5.4AI score0.00854EPSS
Exploits0Affected Software13
F5 Networks
F5 Networks
•added 2023/02/21 6:52 p.m.•55 views

K62506335: libgxps vulnerability CVE-2018-10733

Security Advisory Description There is a heap-based buffer over-read in the function ftfontfacehash of gxps-fonts.c in libgxps through 0.3.0. A crafted input will lead to a remote denial of service attack. CVE-2018-10733 Impact There is no impact; F5 products are not affected by this vulnerabilit...

6.5CVSS6.5AI score0.02263EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 6:48 p.m.•55 views

K75555129: Netty vulnerabilities CVE-2019-16869 and CVE-2020-7238

Security Advisory Description CVE-2019-16869 Netty before 4.1.42.Final mishandles whitespace before the colon in HTTP headers such as a "Transfer-Encoding : chunked" line, which leads to HTTP request smuggling. CVE-2020-7238 Netty 4.1.43.Final allows HTTP Request Smuggling because it mishandles...

7.5CVSS7.4AI score0.08415EPSS
Exploits2Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 6:47 p.m.•55 views

K36302720: Apache Tomcat vulnerability CVE-2016-6797

Security Advisory Description The ResourceLinkFactory implementation in Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 did not limit web application access to global JNDI resources to those resources explicitly linked to the web...

7.5CVSS6.5AI score0.0807EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 6:47 p.m.•55 views

K17518: NTP vulnerability CVE-2015-7871

Security Advisory Description Crypto-NAK packets in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to bypass authentication. CVE-2015-7871 Impact An unauthenticated remote attacker may force ntpd processes on targeted servers to peer with time sources of the...

9.8CVSS6.5AI score0.81762EPSS
Exploits2Affected Software18
F5 Networks
F5 Networks
•added 2023/02/21 6:47 p.m.•55 views

K07944249: Node.js vulnerability CVE-2020-8277

Security Advisory Description A Node.js application that allows an attacker to trigger a DNS request for a host of their choice could trigger a Denial of Service in versions 15.2.1, 14.15.1, and 12.19.1 by getting the application to resolve a DNS record with a larger number of responses. This is...

7.5CVSS7.8AI score0.54164EPSS
Exploits0Affected Software15
F5 Networks
F5 Networks
•added 2023/02/21 6:46 p.m.•55 views

K04185528: LibTIFF vulnerabilities CVE-2016-3186 CVE-2018-10779 CVE-2018-10963 CVE-2018-12900 CVE-2018-17100 CVE-2018-17101 CVE-2018-18661 CVE-2018-7456 CVE-2018-8905

Security Advisory Description CVE-2016-3186 Buffer overflow in the readextension function in gif2tiff.c in LibTIFF 4.0.6 allows remote attackers to cause a denial of service application crash via a crafted GIF file. CVE-2018-10779 TIFFWriteScanline in tifwrite.c in LibTIFF 3.8.2 has a heap-based...

8.8CVSS7.9AI score0.25183EPSS
Exploits6
F5 Networks
F5 Networks
•added 2023/02/21 6:35 p.m.•55 views

K73464925: Multiple Java vulnerabilities CVE-2021-35588, CVE-2021-35603, CVE-2021-35565, CVE-2021-35578

Security Advisory Description CVE-2021-35588 Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Java SE: 7u311, 8u301; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Difficult to exploit...

5.3CVSS4.4AI score0.06886EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:35 p.m.•55 views

K02186513: Linux kernel vulnerability CVE-2020-1749

Security Advisory Description A flaw was found in the Linux kernel's implementation of some networking protocols in IPsec, such as VXLAN and GENEVE tunnels over IPv6. When an encrypted tunnel is created between two hosts, the kernel isn't correctly routing tunneled data over the encrypted link;...

7.5CVSS6.3AI score0.0124EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 6:35 p.m.•55 views

K28418435: Java vulnerability CVE-2017-10053

Security Advisory Description Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: 2D. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows...

5.3CVSS6.3AI score0.0345EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 6:34 p.m.•55 views

K04897373: BIG-IP TMM vulnerability CVE-2019-6678

Security Advisory Description When the tm.minipfragsize BigDB variable is modified from the default value to a value less than 60 and the packet filter feature is enabled, specifically crafted fragmented TCP packets may cause the Traffic Management Microkernel TMM to fail and restart. CVE-2019-66...

5.3CVSS5.5AI score0.00998EPSS
Exploits0Affected Software13
F5 Networks
F5 Networks
•added 2023/02/21 6:34 p.m.•57 views

K19855851: Intel SPI Flash vulnerability CVE-2017-5703

Security Advisory Description Configuration of SPI Flash in platforms based on multiple Intel platforms allow a local attacker to alter the behavior of the SPI flash potentially leading to a Denial of Service. CVE-2017-5703 Impact BIG-IP A local attacker can alter the behavior of the SPI Flash...

6CVSS6AI score0.00355EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:33 p.m.•55 views

K51813353: Linux Kernel vulnerability CVE-2019-9506

Security Advisory Description The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks aka "KNOB" that can decrypt traff...

8.1CVSS7.5AI score0.02691EPSS
Exploits2
F5 Networks
F5 Networks
•added 2023/02/21 6:32 p.m.•55 views

K05911127: Java vulnerability CVE-2017-10176

Security Advisory Description Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Security. Supported versions that are affected are Java SE: 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows...

7.5CVSS7.2AI score0.05034EPSS
Exploits0Affected Software9
F5 Networks
F5 Networks
•added 2023/02/21 6:32 p.m.•55 views

K06044762: systemd vulnerabilities CVE-2018-16864 and CVE-2018-16865

Security Advisory Description CVE-2018-16864 An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when a program with long command line arguments calls syslog. A local attacker may use this flaw to crash...

7.8CVSS7.3AI score0.02958EPSS
Exploits3Affected Software11
F5 Networks
F5 Networks
•added 2023/02/21 6:31 p.m.•55 views

K11010341: Authenticated iControl REST in Appliance mode vulnerability CVE-2022-35243

Security Advisory Description When running in Appliance mode, an authenticated user assigned the Administrator role may be able to bypass Appliance mode restrictions, using an undisclosed iControl REST endpoint. A successful exploit can allow the attacker to cross a security boundary...

9.1CVSS8.3AI score0.00628EPSS
Exploits0Affected Software13
F5 Networks
F5 Networks
•added 2023/02/21 6:30 p.m.•55 views

K15635: PHP 5.x vulnerability - CVE-2012-1171

Security Advisory Description The libxml RSHUTDOWN function in PHP 5.x allows remote attackers to bypass the openbasedir protection mechanism and read arbitrary files via vectors involving a streamclose method call during use of a custom stream wrapper. CVE-2012-1171 Impact None. No F5 products a...

5CVSS9AI score0.02812EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 6:27 p.m.•55 views

K72430453: PostgreSQL vulnerability CVE-2020-25696

Security Advisory Description A flaw was found in the psql interactive terminal of PostgreSQL in versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. If an interactive psql session uses \gset when querying a compromised server, the attacker can execute...

7.6CVSS8.2AI score0.02586EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 5:32 p.m.•55 views

K59722044: PHP vulnerabilities CVE-2016-1903 and CVE-2016-1904

Security Advisory Description CVE-2016-1903 The gdImageRotateInterpolated function in ext/gd/libgd/gdinterpolation.c in PHP before 5.5.31, 5.6.x before 5.6.17, and 7.x before 7.0.2 allows remote attackers to obtain sensitive information or cause a denial of service out-of-bounds read and...

9.1CVSS9.3AI score0.07806EPSS
Exploits2
F5 Networks
F5 Networks
•added 2023/01/04 6:25 p.m.•55 views

K53244431: SSL Intercept iApp HTTP Explicit Proxy vulnerability CVE-2017-0305

SSL Intercept iApp version 1.5.0 - 1.5.7 is vulnerable to an unauthenticated, remote attack that may allow modification of the BIG-IP system configuration, extraction of sensitive system files, and possible remote command execution on the system when deployed using the Explicit Proxy feature plus...

9.8CVSS9.5AI score0.03776EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2022/12/22 11:0 p.m.•55 views

K05200155: Multiple Java vulnerabilities

Security Advisory Description CVE-2015-4734 Unspecified vulnerability in Oracle Java SE 6u101, 7u85 and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality via vectors related to JGSS. CVE-2015-4805 Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60,...

10CVSS6.1AI score0.13354EPSS
Exploits0
F5 Networks
F5 Networks
•added 2016/09/07 12:0 a.m.•55 views

SOL40521234 - Multiple Oracle Java SE vulnerabilities

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...

9.6CVSS2.4AI score0.0669EPSS
Exploits0References4
F5 Networks
F5 Networks
•added 2016/07/18 12:0 a.m.•55 views

SOL54225343 - libxml2 vulnerabilities CVE-2016-3627 and CVE-2016-3705

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

7.5CVSS2AI score0.07025EPSS
Exploits1References5
F5 Networks
F5 Networks
•added 2016/05/10 12:0 a.m.•55 views

SOL04972684 - PHP vulnerability CVE-2016-3185

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...

7.1CVSS2.5AI score0.03146EPSS
Exploits0References4
F5 Networks
F5 Networks
•added 2016/05/09 12:0 a.m.•55 views

SOL03151140 - ImageMagick vulnerability CVE-2016-3714

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

10CVSS0.6AI score0.97485EPSS
Exploits13References9
F5 Networks
F5 Networks
•added 2016/05/06 12:0 a.m.•55 views

SOL23230229 - OpenSSL vulnerability CVE-2016-2109

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

7.8CVSS2.2AI score0.2921EPSS
Exploits1References7
F5 Networks
F5 Networks
•added 2016/03/23 12:0 a.m.•55 views

SOL79215841 - OpenSSL vulnerability CVE-2016-0702

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

5.1CVSS2.9AI score0.0191EPSS
Exploits1References6
F5 Networks
F5 Networks
•added 2015/11/02 12:0 a.m.•55 views

SOL17524 - NTP vulnerability CVE-2015-7854

If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are currently running, or does not lis...

8.8CVSS0.2AI score0.1456EPSS
Exploits0References4
F5 Networks
F5 Networks
•added 2015/09/24 12:0 a.m.•55 views

SOL17309 - Linux kernel vulnerability CVE-2015-5366

Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can...

7.8CVSS1.6AI score0.06267EPSS
Exploits0References4
F5 Networks
F5 Networks
•added 2015/07/02 12:0 a.m.•55 views

SOL16826 - PHP vulnerability CVE-2015-4024

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

5CVSS2.1AI score0.50129EPSS
Exploits1References7
F5 Networks
F5 Networks
•added 2015/06/17 12:0 a.m.•55 views

SOL16764 - PHP vulnerability CVE-2015-4022

Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL995...

7.5CVSS0.6AI score0.20837EPSS
Exploits1References13
F5 Networks
F5 Networks
•added 2015/03/20 12:0 a.m.•56 views

SOL16302 - OpenSSL vulnerability CVE-2015-0292

Integer underflow in the EVPDecodeUpdate function in crypto/evp/encode.c in the base64-decoding implementation in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h allows remote attackers to cause a denial of service memory corruption or possibly have unspecified other impact v...

7.5CVSS7.7AI score0.44503EPSS
Exploits1References4
F5 Networks
F5 Networks
•added 2015/01/21 12:0 a.m.•55 views

SOL16009 - OpenSSH vulnerability CVE-2014-9278

Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5 critical issue...

4CVSS3.3AI score0.01833EPSS
Exploits0References5
F5 Networks
F5 Networks
•added 2014/11/06 12:0 a.m.•55 views

SOL15792 - Path MTU discovery vulnerability CVE-2004-1060

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

5CVSS3.2AI score0.7467EPSS
Exploits10References7
F5 Networks
F5 Networks
•added 2014/11/03 12:0 a.m.•55 views

SOL15784 - Kerberos vulnerability CVE-2013-1418

Vulnerability Recommended Actions If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the table does not list any version in the column, then no upgrade candidate currently exists...

4.3CVSS2.3AI score0.05508EPSS
Exploits1References5
F5 Networks
F5 Networks
•added 2014/10/02 12:0 a.m.•55 views

SOL15641 - Outdated or incorrect version vulnerability CVE-1999-0662

Recommended action To mitigate this vulnerability, you can subscribe to email notifications to keep up with the latest hotfixes and updates for your product. Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new...

10CVSS3.2AI score0.01908EPSS
Exploits0References4
F5 Networks
F5 Networks
•added 2014/06/05 12:0 a.m.•55 views

SOL15316 - PHP vulnerability CVE-2013-4635

Recommended action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents. SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5 critical issue...

5CVSS3.7AI score0.0423EPSS
Exploits0References5
F5 Networks
F5 Networks
•added 2009/06/09 12:0 a.m.•55 views

SOL10143 - Cross-Site Scripting Vulnerabilities in the FirePass logon

Cross-site scripting XSS vulnerabilities exist in the FirePass logon page, which is accessible prior to authentication. The affected FirePass page fails to fully sanitize HTTP request input before the web page content is sent to the browser. By altering the HTTP request input in the cookie, a...

4.3CVSS6.3AI score0.01569EPSS
Exploits0
F5 Networks
F5 Networks
•added 2008/09/01 12:0 a.m.•55 views

SOL9107 - OpenSSH vulnerability CVE-2008-1483

Information about this advisory is available at the following locations: Note: The following links take you to a resource outside of AskF5, and it is possible that the information may be removed without our knowledge...

6.9CVSS6.1AI score0.00346EPSS
Exploits1
F5 Networks
F5 Networks
•added 2007/12/27 12:0 a.m.•55 views

SOL8186 - Cross-site scripting vulnerability in Apache mod_imap CVE-2007-5000

F5 Product Development has determined the likelihood of exploitation is low for the cross-site scripting XSS vulnerability disclosed in CVE-2007-5000. Exploiting this vulnerability would require an administrator of an F5 device to interact with a web page crafted by an attacker. Possible attacks...

4.3CVSS6.8AI score0.46603EPSS
Exploits1
F5 Networks
F5 Networks
•added 2007/05/16 12:0 a.m.•55 views

SOL4009 - Vulnerabilities in libpng - CAN-2004-0597, CAN-2004-0598, CAN-2004-0599

These vulnerabilities are described as methods under which an attacker could generate a PNG file that would cause applications that use libpng to execute arbitrary code. Since an attacker would require root access to the BIG-IP or 3-DNS in order to exploit this vulnerability, it is considered to ...

10CVSS4.7AI score0.82537EPSS
Exploits3
F5 Networks
F5 Networks
•added 2003/12/04 12:0 a.m.•55 views

SOL2888 - DNS cache poisoning vulnerability CVE-2003-0914

Information about this advisory is available at the following location: Note: This link takes you to a resource outside of AskF5, and it is possible that the information may be removed without our knowledge...

4.3CVSS5.6AI score0.0316EPSS
Exploits0
F5 Networks
F5 Networks
•added 2024/05/29 1:36 p.m.•54 views

K000139611: NGINX HTTP/3 QUIC vulnerability CVE-2024-31079

Security Advisory Description When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed HTTP/3 requests can cause NGINX worker processes to terminate or cause other potential impact. This attack requires that a request be specifically timed during the connection...

4.8CVSS6.7AI score0.00872EPSS
Exploits0Affected Software2
F5 Networks
F5 Networks
•added 2024/03/06 10:53 p.m.•54 views

K000138850: OpenJDK vulnerabilities CVE-2024-20918, CVE-2024-20925, CVE-2024-20945, CVE-2024-20952, and CVE-2024-20955

Security Advisory Description CVE-2024-20918 Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u391, 8u391-perf, 11.0.21, 17.0.9, 21.0.1; Oracle...

7.4CVSS5.5AI score0.00918EPSS
Exploits0
F5 Networks
F5 Networks
•added 2024/02/21 6:13 p.m.•54 views

K000138679: Golang vulnerabilities CVE-2023-24540, CVE-2023-29400, and CVE-2023-29403

Security Advisory Description CVE-2023-24540 Not all valid JavaScript whitespace characters are considered to be whitespace. Templates containing whitespace characters outside of the character set "\t\n\f\r\u0020\u2028\u2029" in JavaScript contexts that also contain actions may not be properly...

9.8CVSS6.8AI score0.01548EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 8:2 p.m.•54 views

K42219132: OpenSSL vulnerability CVE-2016-6309

Security Advisory Description statem/statem.c in OpenSSL 1.1.0a does not consider memory-block movement after a realloc call, which allows remote attackers to cause a denial of service use-after-free or possibly execute arbitrary code via a crafted TLS session. CVE-2016-6309 Impact There is no...

10CVSS9.8AI score0.70223EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 8:2 p.m.•54 views

K35205264: Linux kernel vulnerability CVE-2018-10938

Security Advisory Description A flaw was found in the Linux kernel present since v4.0-rc1 and through v4.13-rc4. A crafted network packet sent remotely by an attacker may force the kernel to enter an infinite loop in the cipsov4optptr function in net/ipv4/cipsoipv4.c leading to a denial-of-servic...

7.1CVSS6.1AI score0.04997EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 8:0 p.m.•54 views

K01225001: Apache Tomcat vulnerability CVE-2017-5664

Security Advisory Description The error page mechanism of the Java Servlet Specification requires that, when an error occurs and an error page is configured for the error that occurred, the original request and response are forwarded to the error page. This means that the request is presented to...

7.5CVSS7.7AI score0.16567EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 8:0 p.m.•54 views

K01837042: Multiple Wireshark (tshark) vulnerabilities

Security Advisory Description CVE-2015-8711 epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate conversation data, which allows remote attackers to cause a denial of service NULL pointer dereference and application crash v...

7.1CVSS6.9AI score0.05488EPSS
Exploits5Affected Software20
F5 Networks
F5 Networks
•added 2023/02/21 7:59 p.m.•54 views

K15745: Multiple Oracle Java vulnerabilities

Security Advisory Description CVE-2014-6513 Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. CVE-2014-6532 Unspecified vulnerability in Oracle Jav...

10CVSS6.8AI score0.05639EPSS
Exploits1
Total number of security vulnerabilities5000