Lucene search
K

6413 matches found

F5 Networks
F5 Networks
•added 2023/02/21 6:48 p.m.•53 views

K63314101: Multiple MySQL vulnerabilities

Security Advisory Description CVE-2022-21451 Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 5.7.37 and prior and 8.0.28 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via...

6.5CVSS5.8AI score0.02959EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:48 p.m.•53 views

K44945790: glibc vulnerability CVE-2021-3326

Security Advisory Description The iconv function in the GNU C Library aka glibc or libc6 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service. CVE-2021-3326...

7.5CVSS7.2AI score0.03093EPSS
Exploits0Affected Software14
F5 Networks
F5 Networks
•added 2023/02/21 6:48 p.m.•53 views

K72255110: MySQL vulnerability CVE-2016-6662

Security Advisory Description Oracle MySQL through 5.5.52, 5.6.x through 5.6.33, and 5.7.x through 5.7.15; MariaDB before 5.5.51, 10.0.x before 10.0.27, and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1, 5.6.x before 5.6.32-78.0, and 5.7.x before 5.7.14-7 allow local users to creat...

10CVSS8.8AI score0.6773EPSS
Exploits16
F5 Networks
F5 Networks
•added 2023/02/21 6:47 p.m.•53 views

K54225343: libxml2 vulnerabilities CVE-2016-3627 and CVE-2016-3705

Security Advisory Description CVE-2016-3627 The xmlStringGetNodeList function in tree.c in libxml2 2.9.3 and earlier, when used in recovery mode, allows context-dependent attackers to cause a denial of service infinite recursion, stack consumption, and application crash via a crafted XML document...

7.5CVSS6.9AI score0.07025EPSS
Exploits1Affected Software22
F5 Networks
F5 Networks
•added 2023/02/21 6:47 p.m.•53 views

K24920320: Intel Ethernet Adapter Driver vulnerabilities CVE-2020-24502, CVE-2020-24503 and CVE-2020-24504

Security Advisory Description CVE-2020-24502 Improper input validation in some IntelR Ethernet E810 Adapter drivers for Linux before version 1.0.4 and before version 1.4.29.0 for Windows, may allow an authenticated user to potentially enable a denial of service via local access. CVE-2020-24503...

5.5CVSS6.3AI score0.00345EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:47 p.m.•53 views

K27155546: BIND vulnerability CVE-2022-38177

Security Advisory Description By spoofing the target resolver with responses that have a malformed ECDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources. CVE-2022-38177 Impact There i...

7.5CVSS7.7AI score0.02299EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:47 p.m.•53 views

K30671731: Apache Shiro vulnerability CVE-2022-40664

Security Advisory Description Apache Shiro before 1.10.0, Authentication Bypass Vulnerability in Shiro when forwarding or including via RequestDispatcher. CVE-2022-40664 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Product Development...

9.8CVSS9.1AI score0.0221EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:47 p.m.•53 views

K63176101: Linux kernel vulnerability CVE-2019-17055

Security Advisory Description basesockcreate in drivers/isdn/mISDN/socket.c in the AFISDN network module in the Linux kernel through 5.3.2 does not enforce CAPNETRAW, which means that unprivileged users can create a raw socket, aka CID-b91ee4aa2a21. CVE-2019-17055 Impact There is no impact; F5...

3.3CVSS6.3AI score0.00542EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:46 p.m.•53 views

K13844002: Linux kernel vulnerability CVE-2021-43057

Security Advisory Description An issue was discovered in the Linux kernel before 5.14.8. A use-after-free in selinuxptracetraceme aka the SELinux handler for PTRACETRACEME could be used by local attackers to cause memory corruption and escalate privileges, aka CID-a3727a8bac0a. This occurs becaus...

7.8CVSS7.7AI score0.00475EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 6:45 p.m.•53 views

K62701550: Multiple Java vulnerabilities

Security Advisory Description CVE-2022-21248 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Serialization. Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.01; Oracle GraalVM Enterprise Edition: 20.3.4...

5.3CVSS4.2AI score0.03782EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:35 p.m.•53 views

K42202505: Linux kernel vulnerability CVE-2018-1120

Security Advisory Description A flaw was found affecting the Linux kernel before version 4.17. By mmaping a FUSE-backed file onto a process's memory containing command line arguments or environment strings, an attacker can cause utilities from psutils or procps such as ps, w or any other program...

5.3CVSS6.2AI score0.07291EPSS
Exploits5Affected Software16
F5 Networks
F5 Networks
•added 2023/02/21 6:35 p.m.•53 views

K68804133: Apache vulnerability CVE-2017-12171

Security Advisory Description A regression was found in the Red Hat Enterprise Linux 6.9 version of httpd 2.2.15-60, causing comments in the "Allow" and "Deny" configuration lines to be parsed incorrectly. A web administrator could unintentionally allow any client to access a restricted HTTP...

6.5CVSS6.6AI score0.08078EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 6:35 p.m.•53 views

K59440504: Apache mod_ssl vulnerability CVE-2019-0215

Security Advisory Description In Apache HTTP Server 2.4 releases 2.4.37 and 2.4.38, a bug in modssl when using per-location client certificate verification with TLSv1.3 allowed a client to bypass configured access control restrictions. CVE-2019-0215 Impact There is no impact; F5 products are not...

7.5CVSS7.9AI score0.10508EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:34 p.m.•53 views

K04553557: Linux nfsd kernel vulnerability CVE-2020-24394

Security Advisory Description In the Linux kernel before 5.7.8, fs/nfsd/vfs.c in the NFS server can set incorrect permissions on new filesystem objects when the filesystem lacks ACL support, aka CID-22cf8419f131. This occurs because the current umask is not considered. CVE-2020-24394 Impact The...

7.1CVSS6.5AI score0.00361EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 6:34 p.m.•53 views

K52494562: BIG-IP software SYN cookies vulnerability CVE-2022-36795

Security Advisory Description When an LTM TCP profile configured on a virtual server has the Auto Receive Window option enabled, undisclosed traffic can cause the virtual server to stop processing new client connections. CVE-2022-36795 Impact Traffic is disrupted for new IP requests. This...

7.5CVSS7.6AI score0.00616EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:33 p.m.•54 views

K03710547: Linux RPM vulnerability CVE-2017-7501

Security Advisory Description It was found that versions of rpm before 4.13.0.2 use temporary files with predictable names when installing an RPM. An attacker with ability to write in a directory where files will be installed could create symbolic links to an arbitrary location and modify content...

7.8CVSS7.6AI score0.00392EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:33 p.m.•53 views

K63470526: MySQL vulnerabilities CVE-2018-3203, CVE-2018-3212, CVE-2018-3247, CVE-2018-3251, and CVE-2018-3258

Security Advisory Description CVE-2018-3203 Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Optimizer. Supported versions that are affected are 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple...

8.8CVSS6.7AI score0.03742EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:33 p.m.•53 views

K85332020: Netlink message vulnerability CVE-2016-4486

Security Advisory Description The rtnlfilllinkifmap function in net/core/rtnetlink.c in the Linux kernel before 4.5.5 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory by reading a Netlink message. CVE-2016-4486 Impact ...

3.3CVSS5.9AI score0.0171EPSS
Exploits4Affected Software23
F5 Networks
F5 Networks
•added 2023/02/21 6:32 p.m.•53 views

K56923528: Linux kernel vulnerability CVE-2013-4343

Security Advisory Description Use-after-free vulnerability in drivers/net/tun.c in the Linux kernel through 3.11.1 allows local users to gain privileges by leveraging the CAPNETADMIN capability and providing an invalid tuntap interface name in a TUNSETIFF ioctl call. CVE-2013-4343 Impact There is...

6.9CVSS6.1AI score0.00355EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 6:30 p.m.•53 views

K16915: OpenSSL vulnerability CVE-2015-1792

Security Advisory Description The dofreeupto function in crypto/cms/cmssmime.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b allows remote attackers to cause a denial of service infinite loop via vectors that trigger a NULL value of a BIO data...

5CVSS7.8AI score0.22476EPSS
Exploits0Affected Software19
F5 Networks
F5 Networks
•added 2023/02/21 6:28 p.m.•53 views

K17455: Multiple Jenkins vulnerabilities

Security Advisory Description CVE-2015-1806 It was found that the combination filter Groovy script could allow a remote attacker to potentially execute arbitrary code on a Jenkins master. CVE-2015-1807 It was found that when building artifacts, the Jenkins server would follow symbolic links,...

7.5CVSS8.7AI score0.02523EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:19 p.m.•53 views

K17239: Linux kernel vulnerability CVE-2014-9529

Security Advisory Description Race condition in the keygcunusedkeys function in security/keys/gc.c in the Linux kernel through 3.18.2 allows local users to cause a denial of service memory corruption or panic or possibly have unspecified other impact via keyctl commands that trigger access to a k...

6.9CVSS6.9AI score0.00336EPSS
Exploits0Affected Software20
F5 Networks
F5 Networks
•added 2023/02/21 6:18 p.m.•53 views

K93122894: OpenSSL vulnerability CVE-2016-0705

Security Advisory Description Double free vulnerability in the dsaprivdecode function in crypto/dsa/dsaameth.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g allows remote attackers to cause a denial of service memory corruption or possibly have unspecified other impact via a malformed DS...

10CVSS9.3AI score0.26335EPSS
Exploits1Affected Software18
F5 Networks
F5 Networks
•added 2023/02/21 6:10 p.m.•53 views

K8178: MySQL vulnerabilities CVE-2007-5925, CVE-2007-5969, and CVE-2007-6303

Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...

7.1CVSS8.8AI score0.1426EPSS
Exploits4
F5 Networks
F5 Networks
•added 2023/02/21 6:8 p.m.•53 views

K17181: BIND vulnerability CVE-2015-5722

Security Advisory Description Parsing a malformed DNSSEC key can cause a validating resolver to exit due to a failed assertion in buffer.c. It is possible for a remote attacker to deliberately trigger this condition, for example by using a query which requires a response from a zone containing a...

7.8CVSS6.8AI score0.33652EPSS
Exploits0Affected Software19
F5 Networks
F5 Networks
•added 2023/02/21 6:6 p.m.•53 views

K19380843: Node.js vulnerability CVE-2020-8174

Security Advisory Description napigetvaluestring allows various kinds of memory corruption in node 10.21.0, 12.18.0, and 14.4.0. CVE-2020-8174 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Product Development has evaluated the currently...

9.3CVSS7.4AI score0.07646EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 5:38 p.m.•53 views

K20022580: Linux kernel vulnerability CVE-2013-7446

Security Advisory Description Use-after-free vulnerability in net/unix/afunix.c in the Linux kernel before 4.3.3 allows local users to bypass intended AFUNIX socket permissions or cause a denial of service panic via crafted epollctl calls. CVE-2013-7446 Impact The local user may be able to bypass...

5.4CVSS6.3AI score0.00625EPSS
Exploits1Affected Software22
F5 Networks
F5 Networks
•added 2023/02/21 5:37 p.m.•53 views

K64009378: OpenSSL vulnerability CVE-2016-0701

Security Advisory Description The DHcheckpubkey function in crypto/dh/dhcheck.c in OpenSSL 1.0.2 before 1.0.2f does not ensure that prime numbers are appropriate for Diffie-Hellman DH key exchange, which makes it easier for remote attackers to discover a private DH exponent by making multiple...

3.7CVSS6AI score0.83645EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/20 8:51 a.m.•53 views

K000132667: Sudo vulnerability CVE-2023-22809

Security Advisory Description In Sudo before 1.9.12p2, the sudoedit aka -e feature mishandles extra arguments passed in the user-provided environment variables SUDOEDITOR, VISUAL, and EDITOR, allowing a local attacker to append arbitrary entries to the list of files to process. This can lead to...

7.8CVSS8.4AI score0.55367EPSS
Exploits20
F5 Networks
F5 Networks
•added 2022/12/31 3:34 a.m.•53 views

K61214359: Linux kernel vulnerability CVE-2019-15098

Security Advisory Description drivers/net/wireless/ath/ath6kl/usb.c in the Linux kernel through 5.2.8 has a NULL pointer dereference via an incomplete address in an endpoint descriptor. CVE-2019-15098 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory...

4.9CVSS6.3AI score0.00721EPSS
Exploits0
F5 Networks
F5 Networks
•added 2022/03/17 9:58 p.m.•53 views

Intel CPU vulnerability CVE-2021-0103

Insufficient control flow management in the firmware for some IntelR Processors may allow a privileged user to potentially enable an escalation of privilege via local access. CVE-2021-0103 Impact An attacker may be able to exploit the Intel processor firmware to gain elevated access to resources...

6.7CVSS6.9AI score0.00299EPSS
Exploits0
F5 Networks
F5 Networks
•added 2016/11/01 12:0 a.m.•53 views

SOL30216728 - Multiple PHP vulnerabilities

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...

9.8CVSS2.3AI score0.0883EPSS
Exploits6References4
F5 Networks
F5 Networks
•added 2016/10/20 12:0 a.m.•53 views

SOL31530542 - PHP vulnerabilities CVE-2007-1777, CVE-2007-3997, CVE-2007-4657, CVE-2008-3658, and CVE-2008-3659

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...

7.5CVSS2.5AI score0.15328EPSS
Exploits10References4
F5 Networks
F5 Networks
•added 2016/09/15 12:0 a.m.•53 views

SOL11100332 - Multiple Oracle Database Server vulnerabilities

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...

9CVSS2.3AI score0.03744EPSS
Exploits0References4
F5 Networks
F5 Networks
•added 2016/07/11 12:0 a.m.•53 views

SOL92111011 - Linux kernel vulnerability CVE-2016-2117

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...

7.5CVSS2.5AI score0.06386EPSS
Exploits0References4
F5 Networks
F5 Networks
•added 2016/05/25 12:0 a.m.•53 views

SOL24613253 - NTP vulnerability CVE-2016-2516

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

7.1CVSS1.5AI score0.08948EPSS
Exploits0References4
F5 Networks
F5 Networks
•added 2016/03/03 12:0 a.m.•53 views

SOL65342329 - Java vulnerabilities CVE-2016-0494, CVE-2016-0448, and CVE-2016-0402

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...

10CVSS2.9AI score0.07211EPSS
Exploits0References4
F5 Networks
F5 Networks
•added 2016/02/02 12:0 a.m.•53 views

SOL15364328 - Apache vulnerabilities CVE-2012-5783, CVE-2012-6153, and CVE-2014-3577

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...

5.8CVSS2.5AI score0.09254EPSS
Exploits1References4
F5 Networks
F5 Networks
•added 2015/12/16 12:0 a.m.•53 views

SOL48042976 - BIG-IP SSL vulnerability CVE-2016-4545

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

7.5CVSS2AI score0.01765EPSS
Exploits0References5
F5 Networks
F5 Networks
•added 2015/11/20 12:0 a.m.•53 views

SOL14132811 - Java vulnerability CVE-2015-4893

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

5CVSS1.9AI score0.05288EPSS
Exploits0References5
F5 Networks
F5 Networks
•added 2015/03/04 12:0 a.m.•53 views

SOL16196 - MCPQ vulnerability CVE-2014-6031

MCPQ has been found to suffer from a remote buffer overflow vulnerability. The vulnerability is available to authenticated administrative users only. CVE-2014-6031...

4.9CVSS5.3AI score0.01073EPSS
Exploits0References6
F5 Networks
F5 Networks
•added 2015/01/28 12:0 a.m.•53 views

SOL16013 - OpenSSL vulnerability CVE-2014-3569

Note: While the F5 products listed in the table may contain a version of OpenSSL that is affected by this vulnerability, those OpenSSL versions are not compiled with the vulnerable option on the F5 products. Recommended Action If the previous table lists a version in the Versions known to be not...

5CVSS2.2AI score0.20646EPSS
Exploits0References3
F5 Networks
F5 Networks
•added 2014/12/04 12:0 a.m.•53 views

SOL15892 - Oracle Database Server vulnerabilities CVE-2013-3751, CVE-2013-3774, CVE-2014-4236, CVE-2014-4237, and CVE-2014-4245

CVE-2013-3751 Unspecified vulnerability in the XML Parser component in Oracle Database Server 11.2.0.2, 11.2.0.3, and 12.1.0.1 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors. CVE-2013-3774 Unspecified vulnerability in the Network Layer...

9CVSS5.8AI score0.03672EPSS
Exploits1References4
F5 Networks
F5 Networks
•added 2014/11/03 12:0 a.m.•53 views

SOL15785 - Kerberos vulnerability CVE-2013-6800

Vulnerability Recommended Actions If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the table does not list any version in the column, then no upgrade candidate currently exists...

4.3CVSS2.3AI score0.05508EPSS
Exploits1References5
F5 Networks
F5 Networks
•added 2014/03/18 12:0 a.m.•53 views

SOL15086 - OpenSSH vulnerability CVE-2008-1657

Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy...

6.5CVSS3.7AI score0.02223EPSS
Exploits3References3
F5 Networks
F5 Networks
•added 2011/11/21 12:0 a.m.•53 views

SOL13231 - PHP vulnerability CVE-2009-2626

In PHP 5.3.0 and PHP 5.2.10 and earlier, the zendrestoreinientrycb function in zendini.c allows context-specific attackers to obtain sensitive information memory contents and causes PHP to fail by using the iniset function to declare a variable, and then using the inirestore function to restore t...

6.4CVSS4.3AI score0.08306EPSS
Exploits3References4
F5 Networks
F5 Networks
•added 2011/05/09 12:0 a.m.•53 views

SOL12826 - Java Runtime Environment (JRE) vulnerability: CVE-2010-4476

These F5 product versions use the affected Java function to manage traffic in the Configuration utility. However, the system filters the input value to the function so the value falls within an expected range before the system passes data to the function. These expected ranges of data do not...

5CVSS9.1AI score0.2349EPSS
Exploits1
F5 Networks
F5 Networks
•added 2011/01/27 12:0 a.m.•53 views

SOL12567 - BIND vulnerability CVE-2010-3614

F5 Product Development has determined that these BIG-IP and Enterprise Manager versions use a vulnerable version of BIND. However, the vulnerable code is not used by default on these BIG-IP or Enterprise Manager systems. This security advisory describes a BIND vulnerability. For information about...

6.4CVSS8.7AI score0.14503EPSS
Exploits0
F5 Networks
F5 Networks
•added 2006/10/19 12:0 a.m.•53 views

SOL6634 - pam_ldap vulnerability - CVE-2005-2641

This security advisory describes a pamldap vulnerability. Clients who are referred to a different server than the server on which they were originally authenticated, with a different TLS encryption requirement, could possibly bypass the new server's TLS requirements. Information about this adviso...

7.5CVSS0.9AI score0.03645EPSS
Exploits0
F5 Networks
F5 Networks
•added 2026/06/04 4:2 p.m.•52 views

K000161577: Linux kernel vulnerability CVE-2025-39817

Security Advisory Description In the Linux kernel, the following vulnerability has been resolved: efivarfs: Fix slab-out-of-bounds in efivarfsdcompare Observed on kernel 6.6 present on master as well: BUG: KASAN: slab-out-of-bounds in memcmp+0x98/0xd0 Call trace: kasancheckrange+0xe8/0x190...

7.1CVSS6.4AI score0.00152EPSS
Exploits0Affected Software4
Total number of security vulnerabilities5000