6413 matches found
K01837042: Multiple Wireshark (tshark) vulnerabilities
Security Advisory Description CVE-2015-8711 epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate conversation data, which allows remote attackers to cause a denial of service NULL pointer dereference and application crash v...
K15745: Multiple Oracle Java vulnerabilities
Security Advisory Description CVE-2014-6513 Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. CVE-2014-6532 Unspecified vulnerability in Oracle Jav...
K17127: PHP vulnerability CVE-2014-9709
Security Advisory Description The GetCode function in gdgifin.c in GD 2.1.1 and earlier, as used in PHP before 5.5.21 and 5.6.x before 5.6.5, allows remote attackers to cause a denial of service buffer over-read and application crash via a crafted GIF image that is improperly handled by the...
K16707: cURL and libcurl vulnerability CVE-2015-3148
Security Advisory Description cURL and libcurl 7.10.6 through 7.41.0 does not properly re-use authenticated Negotiate connections, which allows remote attackers to connect as other users via a request. CVE-2015-3148 Impact Remote attackers may be able to re-use Negotiate connections as other user...
K93472064: Linux kernel vulnerability CVE-2017-12190
Security Advisory Description The biomapuseriov and biounmapuser functions in block/bio.c in the Linux kernel before 4.13.8 do unbalanced refcounting when a SCSI I/O vector has small consecutive buffers belonging to the same page. The bioaddpcpage function merges them into one, but the page...
K52171694: OpenSSL vulnerability CVE-2021-3450
Security Advisory Description The X509VFLAGX509STRICT flag enables additional security checks of the certificates present in a certificate chain. It is not set by default. Starting from OpenSSL version 1.1.1h a check to disallow certificates in the chain that have explicitly encoded elliptic curv...
K11410303: cURL vulnerability CVE-2017-2629
Security Advisory Description curl before 7.53.0 has an incorrect TLS Certificate Status Request extension feature that asks for a fresh proof of the server's certificate's validity in the code that checks for a test success or failure. It ends up always thinking there's valid proof, even when...
K25570584: Apache Struts vulnerability CVE-2012-0394
Security Advisory Description DISPUTED The DebuggingInterceptor component in Apache Struts before 2.3.1.1, when developer mode is used, allows remote attackers to execute arbitrary commands via unspecified vectors. NOTE: the vendor characterizes this behavior as not "a security vulnerability...
K33522171: Multiple MySQL vulnerabilities
Security Advisory Description CVE-2020-14550 Vulnerability in the MySQL Client product of Oracle MySQL component: C API. Supported versions that are affected are 5.6.48 and prior, 5.7.30 and prior and 8.0.20 and prior. Difficult to exploit vulnerability allows low privileged attacker with network...
K56480726: Linux kernel vulnerability CVE-2019-8980
Security Advisory Description A memory leak in the kernelreadfile function in fs/exec.c in the Linux kernel through 4.20.11 allows attackers to cause a denial of service memory consumption by triggering vfsread failures. CVE-2019-8980 Impact There is no impact; F5 products are not affected by thi...
K15630: TLS in Mozilla NSS vulnerability CVE-2013-1620
Security Advisory Description The TLS implementation in Mozilla Network Security Services NSS does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attack...
K47098834: glibc vulnerability CVE-2015-7547
Security Advisory Description Multiple stack-based buffer overflows in the 1 senddg and 2 sendvc functions in the libresolv library in the GNU C Library aka glibc or libc6 before 2.23 allow remote attackers to cause a denial of service crash or possibly execute arbitrary code via a crafted DNS...
K17120: Linux kernel vulnerability CVE-2014-8134
Security Advisory Description The paravirtopssetup function in arch/x86/kernel/kvm.c in the Linux kernel through 3.18 uses an improper paravirtenabled setting for KVM guest kernels, which makes it easier for guest OS users to bypass the ASLR protection mechanism via a crafted application that rea...
K6919: Cross-site scripting vulnerability in my.activation.php3 CVE-2007-3097
Security Advisory Description Note : Versions that are not listed in this Solution have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the ...
K81903701: Libpng vulnerability CVE-2015-8472
Security Advisory Description Buffer overflow in the pngsetPLTE function in libpng before 1.0.65, 1.1.x and 1.2.x before 1.2.55, 1.3.x, 1.4.x before 1.4.18, 1.5.x before 1.5.25, and 1.6.x before 1.6.20 allows remote attackers to cause a denial of service application crash or possibly have...
K92052341: Linux kernel vulnerability CVE-2021-29266
Security Advisory Description An issue was discovered in the Linux kernel before 5.11.9. drivers/vhost/vdpa.c has a use-after-free because v-configctx has an invalid value upon re-opening a character device, aka CID-f6bbf0010ba0. CVE-2021-29266 Impact There is no impact; F5 products are not...
K05415626: Apache HTTPD vulnerability CVE-2017-7659
Security Advisory Description A maliciously constructed HTTP/2 request could cause modhttp2 2.4.24, 2.4.25 to dereference a NULL pointer and crash the server process. CVE-2017-7659 Impact A remote attacker can use a maliciously crafted HTTP/2 request to cause an abnormal termination on the Apache...
K84947349: OpenJDK vulnerabilities CVE-2015-2601, CVE-2015-2621, CVE-2015-2632, CVE-2015-4748, and CVE-2015-4749
Security Advisory Description CVE-2015-2601 Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, JRockit R28.3.6, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via vectors related to JCE. CVE-2015-2621 Unspecified vulnerability in Oracle Java SE...
K08413011: Linux kernel vulnerability CVE-2019-7221
Security Advisory Description The KVM implementation in the Linux kernel through 4.20.5 has a Use-after-Free. CVE-2019-7221 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Product Development has evaluated the currently supported releases...
K23465404: BIG-IP LTM and APM NTLM vulnerability CVE-2022-33968
Security Advisory Description When an LTM monitor or APM SSO is configured on a virtual server, and NTLM challenge-response is in use, undisclosed traffic can cause a buffer over-read. CVE-2022-33968 Impact If an attacker controls the server that handles monitor traffic or the APM SSO endpoint,...
K16010: GNU C Library (glibc) vulnerability CVE-2014-7817
Security Advisory Description The wordexp function in GNU C Library aka glibc 2.21 does not enforce the WRDENOCMD flag, which allows context-dependent attackers to execute arbitrary commands, as demonstrated by input containing "$...". CVE-2014-7817 Impact An attacker with local access and...
K50301222: PHP EXIF extension vulnerabilities CVE-2019-11047 and CVE-2019-11050
Security Advisory Description CVE-2019-11047 When PHP EXIF extension is parsing EXIF information from an image, e.g. via exifreaddata function, in PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0 it is possible to supply it with data what will cause it to read past the allocated...
K17245: Linux kernel vulnerability CVE-2014-9584
Security Advisory Description The parserockridgeinodeinternal function in fs/isofs/rock.c in the Linux kernel before 3.18.2 does not validate a length value in the Extensions Reference ER System Use Field, which allows local users to obtain sensitive information from kernel memory via a crafted...
K76934290: Linux kernel vulnerability CVE-2020-36386
Security Advisory Description An issue was discovered in the Linux kernel before 5.8.1. net/bluetooth/hcievent.c has a slab out-of-bounds read in hciextendedinquiryresultevt, aka CID-51c19bf3d5cf. CVE-2020-36386 Impact There is no impact; F5 products are not affected by this vulnerability. Securi...
K75885190: MariaDB vulnerability CVE-2020-15180
Security Advisory Description A flaw was found in the mysql-wsrep component of mariadb. Lack of input sanitization in wsrepsstmethod allows for command injection that can be exploited by a remote attacker to execute arbitrary commands on galera cluster nodes. This threatens the system's...
K70052353: Apache Tomcat vulnerability CVE-2021-42340
Security Advisory Description The fix for bug 63362 present in Apache Tomcat 10.1.0-M1 to 10.1.0-M5, 10.0.0-M1 to 10.0.11, 9.0.40 to 9.0.53 and 8.5.60 to 8.5.71 introduced a memory leak. The object introduced to collect metrics for HTTP upgrade connections was not released for WebSocket connectio...
K16187341: BIG-IP ICAP profile vulnerability CVE-2022-27189
Security Advisory Description When an Internet Content Adaptation Protocol ICAP profile is configured on a virtual server, undisclosed traffic can cause an increase in Traffic Management Microkernel TMM memory resource utilization. CVE-2022-27189 Impact Traffic is disrupted while the TMM process...
K65280235: Linux vulnerability CVE-2021-42252
Security Advisory Description An issue was discovered in aspeedlpcctrlmmap in drivers/soc/aspeed/aspeed-lpc-ctrl.c in the Linux kernel before 5.14.6. Local attackers able to access the Aspeed LPC control interface could overwrite memory in the kernel and potentially execute privileges, aka...
K75501540: BIND vulnerability CVE-2018-5738
Security Advisory Description Change 4777 introduced in October 2017 introduced an unforeseen issue in releases which were issued after that date, affecting which clients are permitted to make recursive queries to a BIND nameserver. The intended and documented behavior is that if an operator has...
K54924436: PHP vulnerability CVE-2015-8865
Security Advisory Description The filecheckmem function in funcs.c in file before 5.23, as used in the Fileinfo component in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5, mishandles continuation-level jumps, which allows context-dependent attackers to cause a denial of service...
K08602542: SAMBA vulnerability CVE-2022-0336
Security Advisory Description The Samba AD DC includes checks when adding service principals names SPNs to an account to ensure that SPNs do not alias with those already in the database. Some of these checks are able to be bypassed if an account modification re-adds an SPN that was previously...
K16913: OpenSSL vulnerability CVE-2015-1789
Security Advisory Description The X509cmptime function in crypto/x509/x509vfy.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b allows remote attackers to cause a denial of service out-of-bounds read and application crash via a crafted length field in...
K15685: Linux kernel vulnerability CVE-2014-3940
Security Advisory Description The Linux kernel through 3.14.5 does not properly consider the presence of hugetlb entries, which allows local users to cause a denial of service memory corruption or system crash by accessing certain memory locations, as demonstrated by triggering a race condition v...
K16515: JBoss vulnerability CVE-2015-0279
Security Advisory Description JBoss RichFaces before 4.5.4 allows remote attackers to inject expression language EL expressions and execute arbitrary Java code via the do parameter. CVE-2015-0279 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Stat...
K52883417: BIND vulnerability CVE-2020-8620
Security Advisory Description In versions of BIND that use the libuv network manager 9.16.x is the only stable branch affected an incorrectly specified maximum buffer size allows a specially crafted large TCP payload to trigger an assertion failure when it is received. CVE-2020-8620 Impact There ...
K13325942: Appliance mode iControl REST vulnerability CVE-2022-41800
Security Advisory Description When running in Appliance mode, an authenticated user assigned the Administrator role may be able to bypass Appliance mode restrictions, utilizing an undisclosed iControl REST endpoint. A successful exploit can allow the attacker to cross a security boundary...
K03755971: BIG-IP DNS resolver vulnerability CVE-2022-28706
Security Advisory Description When the DNS resolver configuration is used, undisclosed requests can cause the Traffic Management Microkernel TMM to terminate. CVE-2022-28706 Impact Traffic is disrupted while the TMM process restarts. This vulnerability allows a remote attacker to cause a...
SOL61414056 - Apache Tomcat vulnerability CVE-2016-5425
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL42065024 - PHP vulnerability CVE-2016-4070
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL12254802 - Apache httpd HTTP/2 vulnerability CVE-2016-1546
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL81081046 - PHP vulnerabilities CVE-2016-4537 and CVE-2016-4538
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL29154575 - ImageMagick vulnerability CVE-2016-3717
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL11772107 - BIG-IP and BIG-IQ cloud image vulnerability CVE-2016-2084
Note: Upgrading a vulnerable version to a not vulnerable version will not mitigate this issue; performing an upgrade on a vulnerable instance will cause the instance to remain vulnerable after the upgrade. Furthermore, any backups that are made from a vulnerable instance and restored to a not...
SOL06288381 - NTP vulnerabilities CVE-2015-7977 and CVE-2015-7978
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL02004209 - Oracle Java vulnerability CVE-2014-0411
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL86326526 - MySQL vulnerabilities CVE-2015-4766, CVE-2015-4904, CVE-2015-4791, and CVE-2015-4807
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL16881 - OZWPAN driver vulnerabilities CVE-2015-4001, CVE-2015-4002, CVE-2015-4003, CVE-2015-4004
CVE-2015-4001 Integer signedness error in the ozhcdgetdesccnf function in drivers/staging/ozwpan/ozhcd.c in the OZWPAN driver in the Linux kernel through 4.0.5 allows remote attackers to cause a denial of service system crash or possibly execute arbitrary code via a crafted packet. CVE-2015-4002...
SOL16829 - Linux vulnerability CVE-2014-7825
Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy...
SOL16478 - Linux kernel vulnerabilities CVE-2014-8159 and CVE-2014-8369
Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL995...
SOL16443 - MIT Kerberos 5 vulnerabilities CVE-2014-9421 and CVE-2014-5352
Vulnerability Recommended Actions If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not...