6294 matches found
K23465404: BIG-IP LTM and APM NTLM vulnerability CVE-2022-33968
Security Advisory Description When an LTM monitor or APM SSO is configured on a virtual server, and NTLM challenge-response is in use, undisclosed traffic can cause a buffer over-read. CVE-2022-33968 Impact If an attacker controls the server that handles monitor traffic or the APM SSO endpoint,...
K15747621: Linux kernel vulnerability CVE-2020-28374
Security Advisory Description In drivers/target/targetcorexcopy.c in the Linux kernel before 5.10.7, insufficient identifier checking in the LIO SCSI target code can be used by remote attackers to read or write files via directory traversal in an XCOPY request, aka CID-2896c93811e3. For example, ...
K17462: Linux kernel vulnerability CVE-2015-2830
Security Advisory Description arch/x86/kernel/entry64.S in the Linux kernel before 3.19.2 does not prevent the TSCOMPAT flag from reaching a user-mode task, which might allow local users to bypass the seccomp or audit protection mechanism via a crafted application that uses the 1 fork or 2 close...
K83181523: PHP vulnerability CVE-2018-10546
Security Advisory Description An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. An infinite loop exists in ext/iconv/iconv.c because the iconv stream filter does not reject invalid multibyte sequences. CVE-2018-10546 Impact There is no...
K95375529: PHP vulnerabilities CVE-2013-7456, CVE-2016-4343, and CVE-2016-5093
Security Advisory Description CVE-2013-7456 gdinterpolation.c in the GD Graphics Library aka libgd before 2.1.1, as used in PHP before 5.5.36, 5.6.x before 5.6.22, and 7.x before 7.0.7, allows remote attackers to cause a denial of service out-of-bounds read or possibly have unspecified other impa...
K97035296: Microarchitectural Load Port Data Sampling - Information Leak (MLPDS) CVE-2018-12127
Security Advisory Description Microarchitectural Load Port Data Sampling MLPDS: Load ports on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. CVE-2018-12127 Impact MDS...
K16475: Multiple Sun Java vulnerabilities
Security Advisory Description CVE-2007-3655 Stack-based buffer overflow in javaws.exe in Sun Java Web Start in JRE 5.0 Update 11 and earlier, and 6.0 Update 1 and earlier, allows remote attackers to execute arbitrary code via a long codebase attribute in a JNLP file. CVE-2007-3716 The Java XML...
K22012502: Linux kernel vulnerability CVE-2017-7273
Security Advisory Description The cpreportfixup function in drivers/hid/hid-cypress.c in the Linux kernel 4.x before 4.9.4 allows physically proximate attackers to cause a denial of service integer underflow or possibly have unspecified other impact via a crafted HID report. CVE-2017-7273 Impact...
K75885190: MariaDB vulnerability CVE-2020-15180
Security Advisory Description A flaw was found in the mysql-wsrep component of mariadb. Lack of input sanitization in wsrepsstmethod allows for command injection that can be exploited by a remote attacker to execute arbitrary commands on galera cluster nodes. This threatens the system's...
K16187341: BIG-IP ICAP profile vulnerability CVE-2022-27189
Security Advisory Description When an Internet Content Adaptation Protocol ICAP profile is configured on a virtual server, undisclosed traffic can cause an increase in Traffic Management Microkernel TMM memory resource utilization. CVE-2022-27189 Impact Traffic is disrupted while the TMM process...
K62701550: Multiple Java vulnerabilities
Security Advisory Description CVE-2022-21248 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Serialization. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.01; Oracle GraalVM Enterprise Edition: 20.3.4...
K02186513: Linux kernel vulnerability CVE-2020-1749
Security Advisory Description A flaw was found in the Linux kernel's implementation of some networking protocols in IPsec, such as VXLAN and GENEVE tunnels over IPv6. When an encrypted tunnel is created between two hosts, the kernel isn't correctly routing tunneled data over the encrypted link;...
K59440504: Apache mod_ssl vulnerability CVE-2019-0215
Security Advisory Description In Apache HTTP Server 2.4 releases 2.4.37 and 2.4.38, a bug in modssl when using per-location client certificate verification with TLSv1.3 allowed a client to bypass configured access control restrictions. CVE-2019-0215 Impact There is no impact; F5 products are not...
K01176681: Intel(R) Kernelflinger vulnerability CVE-2021-33137
Security Advisory Description Out-of-bounds write in the IntelR Kernelflinger project may allow an authenticated user to potentially enable escalation of privilege via local access. CVE-2021-33137 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory...
K04897373: BIG-IP TMM vulnerability CVE-2019-6678
Security Advisory Description When the tm.minipfragsize BigDB variable is modified from the default value to a value less than 60 and the packet filter feature is enabled, specifically crafted fragmented TCP packets may cause the Traffic Management Microkernel TMM to fail and restart. CVE-2019-66...
K19855851: Intel SPI Flash vulnerability CVE-2017-5703
Security Advisory Description Configuration of SPI Flash in platforms based on multiple Intel platforms allow a local attacker to alter the behavior of the SPI flash potentially leading to a Denial of Service. CVE-2017-5703 Impact BIG-IP A local attacker can alter the behavior of the SPI Flash...
K13213573: Linux kernel vulnerability CVE-2012-6701
Security Advisory Description Integer overflow in fs/aio.c in the Linux kernel before 3.4.1 allows local users to cause a denial of service or possibly have unspecified other impact via a large AIO iovec. CVE-2012-6701 Impact This vulnerability allows for a disruption of service. Security Advisor...
K50148721: MySQL vulnerabilities CVE-2018-3282, CVE-2018-3283, CVE-2018-3284, CVE-2018-3285, and CVE-2018-3286
Security Advisory Description CVE-2018-3282 Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Storage Engines. Supported versions that are affected are 5.5.61 and prior, 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allow...
K05911127: Java vulnerability CVE-2017-10176
Security Advisory Description Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Security. Supported versions that are affected are Java SE: 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Easily exploitable vulnerability allows...
K08602542: SAMBA vulnerability CVE-2022-0336
Security Advisory Description The Samba AD DC includes checks when adding service principals names SPNs to an account to ensure that SPNs do not alias with those already in the database. Some of these checks are able to be bypassed if an account modification re-adds an SPN that was previously...
K11010341: Authenticated iControl REST in Appliance mode vulnerability CVE-2022-35243
Security Advisory Description When running in Appliance mode, an authenticated user assigned the Administrator role may be able to bypass Appliance mode restrictions, using an undisclosed iControl REST endpoint. A successful exploit can allow the attacker to cross a security boundary...
K16872: Java Runtime Environment vulnerability CVE-2013-4002
Security Advisory Description Unspecified vulnerability in the Java Runtime Environment JRE in IBM Java 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 allows remote attackers to affect availability via unknown vectors. CVE-2013-4002 Impact The vulnerable...
K16913: OpenSSL vulnerability CVE-2015-1789
Security Advisory Description The X509cmptime function in crypto/x509/x509vfy.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b allows remote attackers to cause a denial of service out-of-bounds read and application crash via a crafted length field in...
K15685: Linux kernel vulnerability CVE-2014-3940
Security Advisory Description The Linux kernel through 3.14.5 does not properly consider the presence of hugetlb entries, which allows local users to cause a denial of service memory corruption or system crash by accessing certain memory locations, as demonstrated by triggering a race condition v...
K60742457: Linux kernel vulnerability CVE-2015-8374
Security Advisory Description fs/btrfs/inode.c in the Linux kernel before 4.3.3 mishandles compressed inline extents, which allows local users to obtain sensitive pre-truncation information from a file via a clone action. CVE-2015-8374 Impact A local user may be able to obtain sensitive informati...
K59722044: PHP vulnerabilities CVE-2016-1903 and CVE-2016-1904
Security Advisory Description CVE-2016-1903 The gdImageRotateInterpolated function in ext/gd/libgd/gdinterpolation.c in PHP before 5.5.31, 5.6.x before 5.6.17, and 7.x before 7.0.2 allows remote attackers to obtain sensitive information or cause a denial of service out-of-bounds read and...
K15638: Python vulnerability CVE-2013-4238
Security Advisory Description The ssl.matchhostname function in the SSL module in Python 2.6 through 3.4 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL server...
K53244431: SSL Intercept iApp HTTP Explicit Proxy vulnerability CVE-2017-0305
SSL Intercept iApp version 1.5.0 - 1.5.7 is vulnerable to an unauthenticated, remote attack that may allow modification of the BIG-IP system configuration, extraction of sensitive system files, and possible remote command execution on the system when deployed using the Explicit Proxy feature plus...
K05200155: Multiple Java vulnerabilities
Security Advisory Description CVE-2015-4734 Unspecified vulnerability in Oracle Java SE 6u101, 7u85 and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality via vectors related to JGSS. CVE-2015-4805 Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60,...
SOL02254805 - InfiniBand vulnerability in the Linux Kernel CVE-2016-4565
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL61414056 - Apache Tomcat vulnerability CVE-2016-5425
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL92111011 - Linux kernel vulnerability CVE-2016-2117
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL12254802 - Apache httpd HTTP/2 vulnerability CVE-2016-1546
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL29154575 - ImageMagick vulnerability CVE-2016-3717
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL04972684 - PHP vulnerability CVE-2016-3185
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL03151140 - ImageMagick vulnerability CVE-2016-3714
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL02004209 - Oracle Java vulnerability CVE-2014-0411
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL14132811 - Java vulnerability CVE-2015-4893
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL17454 - OpenSSL vulnerabilities CVE-2005-2946, CVE-2008-0891, and CVE-2012-2131
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL17309 - Linux kernel vulnerability CVE-2015-5366
Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can...
SOL16881 - OZWPAN driver vulnerabilities CVE-2015-4001, CVE-2015-4002, CVE-2015-4003, CVE-2015-4004
CVE-2015-4001 Integer signedness error in the ozhcdgetdesccnf function in drivers/staging/ozwpan/ozhcd.c in the OZWPAN driver in the Linux kernel through 4.0.5 allows remote attackers to cause a denial of service system crash or possibly execute arbitrary code via a crafted packet. CVE-2015-4002...
SOL16764 - PHP vulnerability CVE-2015-4022
Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL995...
SOL16443 - MIT Kerberos 5 vulnerabilities CVE-2014-9421 and CVE-2014-5352
Vulnerability Recommended Actions If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not...
SOL16013 - OpenSSL vulnerability CVE-2014-3569
Note: While the F5 products listed in the table may contain a version of OpenSSL that is affected by this vulnerability, those OpenSSL versions are not compiled with the vulnerable option on the F5 products. Recommended Action If the previous table lists a version in the Versions known to be not...
SOL16009 - OpenSSH vulnerability CVE-2014-9278
Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5 critical issue...
SOL15573 - OpenSSL DTLS vulnerabilities CVE-2014-3505, CVE-2014-3506, and CVE-2014-3507
1 If you are planning to upgrade to BIG-IP APM 11.5.1 HF6 to mitigate this issue, you should instead upgrade to 11.5.1 HF7 to avoid an issue specific to BIG-IP APM. For more information, refer to SOL15914: The tmm process may restart and produce a core file after BIG-IP APM systems are upgraded. ...
SOL15480 - PHP vulnerability CVE-2012-2688
Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents. SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5 critical issue...
SOL15316 - PHP vulnerability CVE-2013-4635
Recommended action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents. SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5 critical issue...
SOL15152 - Ruby vulnerability CVE-2013-4164
Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5 critical issue...
SOL12826 - Java Runtime Environment (JRE) vulnerability: CVE-2010-4476
These F5 product versions use the affected Java function to manage traffic in the Configuration utility. However, the system filters the input value to the function so the value falls within an expected range before the system passes data to the function. These expected ranges of data do not...