6294 matches found
K54635192: Linux kernel overlayfs vulnerability CVE-2021-3493
Security Advisory Description The overlayfs implementation in the linux kernel did not properly validate with respect to user namespaces the setting of file capabilities on files in an underlying file system. Due to the combination of unprivileged user namespaces along with a patch carried in the...
K13364192: Samba vulnerability CVE-2016-2119
Security Advisory Description libcli/smb/smbXclibase.c in Samba 4.x before 4.2.14, 4.3.x before 4.3.11, and 4.4.x before 4.4.5 allows man-in-the-middle attackers to bypass a client-signing protection mechanism, and consequently spoof SMB2 and SMB3 servers, via the 1 SMB2SESSIONFLAGISGUEST or 2...
K41190253: Multiple RTOS vulnerabilities
Security Advisory Description CVE-2019-12255 Wind River VxWorks 6.6 through 6.9 has a Buffer Overflow in the TCP component issue 1 of 4. This is a IPNET security vulnerability: TCP Urgent Pointer = 0 that leads to an integer underflow. CVE-2019-12256 Wind River VxWorks 6.9 and vx7 has a Buffer...
K41523201: cURL vulnerability CVE-2019-5482
Security Advisory Description Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3. CVE-2019-5482 Impact An attacker could cause a denial of service DoS or arbitrary code execution if you use cURL to transfer data to or from a Trivial File Transport Protocol TFTP server and...
K12132951: Linux kernel vulnerability CVE-2022-0812
Security Advisory Description An information leak flaw was found in NFS over RDMA in the net/sunrpc/xprtrdma/rpcrdma.c in the Linux Kernel. This flaw allows an attacker with normal user privileges to leak kernel information. CVE-2022-0812 Impact There is no impact; F5 products are not affected by...
K08044291: OpenSSL vulnerability CVE-2018-0739
Security Advisory Description Constructed ASN.1 types with a recursive definition such as can be found in PKCS7 could eventually exceed the stack given malicious input with excessive recursion. This could result in a Denial Of Service attack. There are no such structures used within SSL/TLS that...
K32616738: Linux kernel vulnerability CVE-2017-15265
Security Advisory Description Race condition in the ALSA subsystem in the Linux kernel before 4.13.8 allows local users to cause a denial of service use-after-free or possibly have unspecified other impact via crafted /dev/snd/seq ioctl calls, related to sound/core/seq/seqclientmgr.c and...
K77384526: tcpdump vulnerabilities CVE-2016-7922, CVE-2016-7923, CVE-2016-7924, CVE-2016-7925, and CVE-2016-7927
Security Advisory Description CVE-2016-7922 The AH parser in tcpdump before 4.9.0 has a buffer overflow in print-ah.c:ahprint. CVE-2016-7923 The ARP parser in tcpdump before 4.9.0 has a buffer overflow in print-arp.c:arpprint. CVE-2016-7924 The ATM parser in tcpdump before 4.9.0 has a buffer...
K04311751: Tcpdump vulnerability CVE-2018-19519
Security Advisory Description In tcpdump 4.9.2, a stack-based buffer over-read exists in the printprefix function of print-hncp.c via crafted packet data because of missing initialization. CVE-2018-19519 Impact There is no impact; F5 products are not affected by this vulnerability. Security...
K40507733: The BIG-IP APM logon page may expose an XSS security risk
Security Advisory Description This issue occurs when all of the following conditions are met: You configure an authentication, authorization, and accounting AAA agent after a logon page agent in the access policy. You configure the AAA agent with a Max Logon Attempts Allowed value higher than 1...
K01051400: Linux kernel vulnerability CVE-2020-14356
Security Advisory Description A flaw null pointer dereference in the Linux kernel cgroupv2 subsystem in versions before 5.7.10 was found in the way when reboot the system. A local user could use this flaw to crash the system or escalate their privileges on the system. CVE-2020-14356 Impact There ...
K50301222: PHP EXIF extension vulnerabilities CVE-2019-11047 and CVE-2019-11050
Security Advisory Description CVE-2019-11047 When PHP EXIF extension is parsing EXIF information from an image, e.g. via exifreaddata function, in PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0 it is possible to supply it with data what will cause it to read past the allocated...
K39655464: Linux kernel vulnerability CVE-2013-2017
Security Advisory Description The veth aka virtual Ethernet driver in the Linux kernel before 2.6.34 does not properly manage skbs during congestion, which allows remote attackers to cause a denial of service system crash by leveraging lack of skb consumption in conjunction with a double-free...
K51920288: OpenSSL vulnerability CVE-2016-2105
Security Advisory Description Integer overflow in the EVPEncodeUpdate function in crypto/evp/encode.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service heap memory corruption via a large amount of binary data. CVE-2016-2105 Impact A successful...
K75555129: Netty vulnerabilities CVE-2019-16869 and CVE-2020-7238
Security Advisory Description CVE-2019-16869 Netty before 4.1.42.Final mishandles whitespace before the colon in HTTP headers such as a "Transfer-Encoding : chunked" line, which leads to HTTP request smuggling. CVE-2020-7238 Netty 4.1.43.Final allows HTTP Request Smuggling because it mishandles...
K27400151: SNMP vulnerability CVE-2019-6613
Security Advisory Description SNMP may expose sensitive configuration objects over insecure transmission channels. This issue is exposed when a passphrase is used with various profile types and is accessed using SNMPv2. CVE-2019-6613 Impact An attacker with direct SNMP access to a BIG-IP system o...
K33548065: Eclipse Jetty vulnerability CVE-2018-12536
Security Advisory Description In Eclipse Jetty Server, all 9.x versions, on webapps deployed using default Error Handling, when an intentionally bad query arrives that doesn't match a dynamic url-pattern, and is eventually handled by the DefaultServlet's static file serving, the bad characters ca...
K01730454: Ruby vulnerabilities CVE-2017-0899, CVE-2017-0900, CVE-2017-0901, and CVE-2017-0902
Security Advisory Description CVE-2017-0899 RubyGems version 2.6.12 and earlier is vulnerable to maliciously crafted gem specifications that include terminal escape characters. Printing the gem specification would execute terminal escape sequences. CVE-2017-0900 RubyGems version 2.6.12 and earlie...
K71796229: Linux kernel vulnerability CVE-2017-14489
Security Advisory Description The iscsiifrx function in drivers/scsi/scsitransportiscsi.c in the Linux kernel through 4.13.2 allows local users to cause a denial of service panic by leveraging incorrect length validation. CVE-2017-14489 Impact This vulnerability allows a local user to cause a...
K01713115: BIND vulnerability CVE-2019-6465
Security Advisory Description Controls for zone transfers may not be properly applied to Dynamically Loadable Zones DLZs if the zones are writable Versions affected: BIND 9.9.0 - 9.10.8-P1, 9.11.0 - 9.11.5-P2, 9.12.0 - 9.12.3-P2, and versions 9.9.3-S1 - 9.11.5-S3 of BIND 9 Supported Preview...
K05513373: Linux kernel vulnerability CVE-2016-9576
Security Advisory Description The blkrqmapuseriov function in block/blk-map.c in the Linux kernel before 4.8.14 does not properly restrict the type of iterator, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service use-after-free by leveraging...
K80691406: MySQL vulnerabilities CVE-2019-2535, CVE-2019-2536, CVE-2019-2537, and CVE-2019-2539
Security Advisory Description CVE-2019-2535 Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Options. Supported versions that are affected are 8.0.13 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure whe...
K65078159: Apache Tomcat vulnerability CVE-2021-24122
Security Advisory Description When serving resources from a network location using the NTFS file system, Apache Tomcat versions 10.0.0-M1 to 10.0.0-M9, 9.0.0.M1 to 9.0.39, 8.5.0 to 8.5.59 and 7.0.0 to 7.0.106 were susceptible to JSP source code disclosure in some configurations. The root cause wa...
K91444306: Linux kernel vulnerability CVE-2019-12818
Security Advisory Description An issue was discovered in the Linux kernel before 4.20.15. The nfcllcpbuildtlv function in net/nfc/llcpcommands.c may return NULL. If the caller does not check for this, it will trigger a NULL pointer dereference. This will cause denial of service. This affects...
K30216728: Multiple PHP vulnerabilities
Security Advisory Description CVE-2016-7128 The exifprocessIFDinTIFF function in ext/exif/exif.c in PHP before 5.6.25 and 7.x before 7.0.10 mishandles the case of a thumbnail offset that exceeds the file size, which allows remote attackers to obtain sensitive information from process memory via a...
K42143118: PHP vulnerability CVE-2016-10712
Security Advisory Description In PHP before 5.5.32, 5.6.x before 5.6.18, and 7.x before 7.0.3, all of the return values of streamgetmetadata can be controlled if the input can be controlled e.g., during file uploads. For example, a "$uri = streamgetmetadatafopen$file, "r"'uri'" call mishandles th...
K56551263: tcpdump vulnerability CVE-2018-14880
Security Advisory Description The OSPFv3 parser in tcpdump before 4.9.3 has a buffer over-read in print-ospf6.c:ospf6printlshdr. CVE-2018-14880 Impact An attacker can gain access to sensitive information and can also cause a denial of service DoS. Security Advisory Status F5 Product Development h...
K15031791: Samba vulnerability CVE-2015-5330
Security Advisory Description ldb before 1.1.24, as used in the AD LDAP server in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, mishandles string lengths, which allows remote attackers to obtain sensitive information from daemon heap memory by sending crafted packets and th...
K11100332: Multiple Oracle Database Server vulnerabilities
Security Advisory Description CVE-2016-3479 Unspecified vulnerability in the Portable Clusterware component in Oracle Database Server 11.2.0.4 and 12.1.0.2 allows remote attackers to affect availability via unknown vectors. CVE-2016-3484 Unspecified vulnerability in the Database Vault component i...
K54213762: openjdk vulnerability CVE-2019-2949
Security Advisory Description Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Kerberos. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker wi...
K16864: SSL/TLS RC4 vulnerability CVE-2015-2808
Security Advisory Description The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream...
K11251130: NTP vulnerability CVE-2016-1547
Security Advisory Description An off-path attacker can cause a preemptible client association to be demobilized in NTP 4.2.8p4 and earlier and NTPSec a5fb34b9cc89b92a8fef2f459004865c93bb7f92 by sending a crypto NAK packet to a victim client with a spoofed source address of an existing associated...
K12597: PHP vulnerability CVE-2010-4156
Security Advisory Description Note : For information about signing up to receive security notice updates from F5, refer to K9970: Subscribe to email notifications regarding F5 products and security announcements. Note : Versions that are not listed in this article have not been evaluated for...
K41351250: BIG-IP Advanced WAF and BIG-IP ASM vulnerability CVE-2021-23031
Security Advisory Description An authenticated user may perform a privilege escalation on the BIG-IP Advanced WAF and ASM Configuration utility. CVE-2021-23031 Impact When this vulnerability is exploited, an authenticated attacker with access to the Configuration utility can execute arbitrary...
K000132537: OpenSSL vulnerabilities CVE-2022-4203, CVE-2023-0216, CVE-2023-0217, and CVE-2023-0401
Security Advisory Description CVE-2022-4203 A read buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or...
SOL35155453 - Multiple LibTIFF vulnerabilities
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL51390683 - PHP vulnerabilities CVE-2016-5094 and CVE-2016-5095
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL92930514 - GO vulnerability CVE-2016-5386
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL78530002 - Java vulnerability CVE-2013-5803
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL03331206 - NTP vulnerability CVE-2016-4955
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL61971428 - Multiple Java vulnerabilities
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL04755144 - Multiple QEMU vulnerabilities
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL22334603 - OpenSSL vulnerability CVE-2016-0799
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL93122894 - OpenSSL vulnerability CVE-2016-0705
In the default configuration there is no network access vector. There is no known exposure in the default configuration. Customized applications that are parsing DSA keys from untrusted input sources may expose this issue; however, that is a rare configuration. In most cases, this issue would be...
SOL32790144 - NTP vulnerability CVE-2015-7973
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL01948202 - Linux kernel vulnerability CVE-2016-0728
Vulnerability Recommended Actions None Supplemental Information SOL4602: Overview of the F5 security vulnerability response policy SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents...
SOL23332326 - Apache HTTPD vulnerability CVE-2010-2791
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL17127 - PHP vulnerability CVE-2014-9709
The GetCode function in gdgifin.c in GD 2.1.1 and earlier, as used in PHP before 5.5.21 and 5.6.x before 5.6.5, allows remote attackers to cause a denial of service buffer over-read and application crash via a crafted GIF image that is improperly handled by the gdImageCreateFromGif function...
SOL16914 - OpenSSL vulnerability CVE-2015-1791
For BIG-IP, Enterprise Manager, and BIG-IQ systems, the vulnerable code exists on the system; however, it is not used in the way that exposes the system to the vulnerability. For LineRate systems, the vulnerable code exists on the system; however, it is not used in the way that exposes the system...
SOL16829 - Linux vulnerability CVE-2014-7825
Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy...