6413 matches found
K30905674: Linux kernel vulnerability CVE-2014-9904
Security Advisory Description The sndcompresscheckinput function in sound/core/compressoffload.c in the ALSA subsystem in the Linux kernel before 3.17 does not properly check for an integer overflow, which allows local users to cause a denial of service insufficient memory allocation or possibly...
K79933541: HTTP2 profile vulnerability CVE-2022-35236
Security Advisory Description When an HTTP2 profile is configured on a virtual server, undisclosed traffic can cause an increase in memory resource utilization. CVE-2022-35236 Impact System performance can degrade until the TMM process is either forced to restart or is manually restarted. This...
K16025: Linux kernel SCTP vulnerability CVE-2014-3688
Security Advisory Description The SCTP implementation in the Linux kernel before 3.17.4 allows remote attackers to cause a denial of service memory consumption by triggering a large number of chunks in an association's output queue, as demonstrated by ASCONF probes, related to net/sctp/inqueue.c...
K63687287: Linux kernel vulnerability CVE-2016-8632
Security Advisory Description The tipcmsgbuild function in net/tipc/msg.c in the Linux kernel through 4.8.11 does not validate the relationship between the minimum fragment length and the maximum packet size, which allows local users to gain privileges or cause a denial of service heap-based buff...
K15131064: Node.js vulnerability CVE-2018-7162
Security Advisory Description All versions of Node.js 9.x and 10.x are vulnerable and the severity is HIGH. An attacker can cause a denial of service DoS by causing a node process which provides an http server supporting TLS server to crash. This can be accomplished by sending duplicate/unexpecte...
K57735782: NGINX Controller API Management vulnerability CVE-2022-23008
Security Advisory Description An authenticated attacker with access to the "user" or "admin" role can use undisclosed API endpoints on NGINX Controller API Management to inject JavaScript code that is executed on managed NGINX data plane instances. CVE-2022-23008 Impact Successful exploitation...
K43232343: Linux kernel Vulnerability CVE-2021-31440
Security Advisory Description This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel 5.11.15. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw...
K94142349: BIG-IP Advanced WAF and ASM WebSocket security exposure
Security Advisory Description BIG-IP Advanced WAF and ASM incorrectly handle certain WebSocket requests. This issue occurs when the following condition is met: BIG-IP Advanced WAF or ASM handles a malicious WebSocket message. Impact The attack signature check fails to detect and block requests, a...
K33484483: F5OS vulnerability CVE-2022-41835
Security Advisory Description Excessive file permissions in F5OS allow an authenticated local attacker to execute a limited set of commands in a container and impact the F5OS controller. CVE-2022-41835 Impact An authenticated low-privileged attacker with CLI access can exploit this vulnerability...
K76328112: BIG-IP TMM vulnerability CVE-2019-6683
Security Advisory Description BIG-IP virtual servers with Loose Initiation enabled on a FastL4 profile may be subject to excessive flow usage under undisclosed conditions. CVE-2019-6683 Impact This vulnerability is present only on BIG-IP Virtual Edition VE systems with limited bandwidth licenses...
K80691406: MySQL vulnerabilities CVE-2019-2535, CVE-2019-2536, CVE-2019-2537, and CVE-2019-2539
Security Advisory Description CVE-2019-2535 Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Options. Supported versions that are affected are 8.0.13 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure whe...
K65078159: Apache Tomcat vulnerability CVE-2021-24122
Security Advisory Description When serving resources from a network location using the NTFS file system, Apache Tomcat versions 10.0.0-M1 to 10.0.0-M9, 9.0.0.M1 to 9.0.39, 8.5.0 to 8.5.59 and 7.0.0 to 7.0.106 were susceptible to JSP source code disclosure in some configurations. The root cause wa...
K22854723: Poppler vulnerability CVE-2018-10768
Security Advisory Description There is a NULL pointer dereference in the AnnotPath::getCoordsLength function in Annot.h in an Ubuntu package for Poppler 0.24.5. A crafted input will lead to a remote denial of service attack. Later Ubuntu packages such as for Poppler 0.41.0 are not affected...
K49160100: Apache Tomcat vulnerability CVE-2016-6817
Security Advisory Description The HTTP/2 header parser in Apache Tomcat 9.0.0.M1 to 9.0.0.M11 and 8.5.0 to 8.5.6 entered an infinite loop if a header was received that was larger than the available buffer. This made a denial of service attack possible. CVE-2016-6817 Impact There is no impact; F5...
K4583: Insufficient validation of ICMP error messages VU#222750 / CVE-2004-0790 (9.x - 10.x)
Security Advisory Description This article applies to BIG-IP 9.x through 10.x. However, a regression for this vulnerability was introduced in later BIG-IP versions. For information about other versions, refer to the following article: K23440942: Insufficient validation of ICMP error messages...
K53214222: midi kernel driver vulnerability CVE-2018-10902
Security Advisory Description It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc double free in sndrawmidiinputparams and sndrawmidioutputstatus which are part of sndrawmidiioctl handler in rawmidi.c file. A malicious local...
K24734336: PHP vulnerabilities CVE-2016-4542, CVE-2016-4543, and CVE-2016-4544
Security Advisory Description CVE-2016-4542 The exifprocessIFDTAG function in ext/exif/exif.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 does not properly construct spprintf arguments, which allows remote attackers to cause a denial of service out-of-bounds read or possibly...
K12597: PHP vulnerability CVE-2010-4156
Security Advisory Description Note : For information about signing up to receive security notice updates from F5, refer to K9970: Subscribe to email notifications regarding F5 products and security announcements. Note : Versions that are not listed in this article have not been evaluated for...
K15904: Multiple third-party application-server vulnerabilities
Security Advisory Description CVE-2003-1418 Apache HTTP Server 1.3.22 through 1.3.27 on OpenBSD allows remote attackers to obtain sensitive information via 1 the ETag header, which reveals the inode number, or 2 multipart MIME boundary, which reveals child proccess IDs PID. CVE-2004-2320 The...
K15936: NTP vulnerability CVE-2014-9295
Security Advisory Description Multiple stack-based buffer overflows in ntpd in NTP before 4.2.8 allow remote attackers to execute arbitrary code via a crafted packet, related to 1 the cryptorecv function when the Autokey Authentication feature is used, 2 the ctlputdata function, and 3 the configu...
K18174924: Apache Tomcat 6.x vulnerability CVE-2016-0706
Security Advisory Description Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M2 does not place org.apache.catalina.manager.StatusManagerServlet on the org/apache/catalina/core/RestrictedServlets.properties list, which allows remote authenticated users ...
K000132639: ALPACA: TLS vulnerability CVE-2021-3618
Security Advisory Description ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP...
K07550539: TMM with LRO vulnerability CVE-2018-15311
Security Advisory Description When Large Receive Offload LRO is enabled, undisclosed traffic patterns may cause TMM to restart. LRO has been available since 11.4.0 but is not enabled by default until 13.1.0 for all platforms and 12.0.0 for Virtual Edition. CVE-2018-15311 Impact An attacker may be...
K59333944: Apache mod_proxy_ftp vulnerability CVE-2020-1934
Security Advisory Description In Apache HTTP Server 2.4.0 to 2.4.41, modproxyftp may use uninitialized memory when proxying to a malicious FTP server. CVE-2020-1934 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Product Development has...
SOL41204355 - PHP vulnerability CVE-2016-5114
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL05016441 - Oracle Java vulnerability CVE-2016-3508
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL51390683 - PHP vulnerabilities CVE-2016-5094 and CVE-2016-5095
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL53729441 - MySQL vulnerability CVE-2016-2047
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL99998454 - iControl REST vulnerability CVE-2016-5021
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL61971428 - Multiple Java vulnerabilities
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL25102203 - ImageMagick vulnerability CVE-2016-3716
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL04755144 - Multiple QEMU vulnerabilities
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL93122894 - OpenSSL vulnerability CVE-2016-0705
In the default configuration there is no network access vector. There is no known exposure in the default configuration. Customized applications that are parsing DSA keys from untrusted input sources may expose this issue; however, that is a rare configuration. In most cases, this issue would be...
SOL17317 - Apache HTTP server vulnerability CVE-2015-0253
The readrequestline function in server/protocol.c in the Apache HTTP Server 2.4.12 does not initialize the protocol structure member, which allows remote attackers to cause a denial of service NULL pointer dereference and process crash by sending a request that lacks a method to an installation...
SOL17247 - PHP vulnerability CVE-2015-1351
Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL995...
SOL17025 - BIND DNSSEC vulnerability CVE-2010-0097
ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before 9.5.2-P2, 9.6 before 9.6.1-P3, and 9.7.0 beta does not properly validate DNSSEC 1 NSEC and 2 NSEC3 records. CVE-2010-0097...
SOL16940 - Multiple Wireshark vulnerabilities
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL16716 - Multiple Mozilla NSS vulnerabilities
Vulnerability Recommended Actions If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not...
SOL16364 - GNU C Library (glibc) vulnerability CVE-2012-3406
Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version...
SOL15532 - XSS vulnerability in echo.jsp CVE-2014-4023
Vulnerability Recommended Actions If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not...
SOL15417 - OpenSSL vulnerability CVE-2012-0050
Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5 critical issue...
SOL15342 - OpenSSL vulnerability CVE-2014-3470
The ssl3sendclientkeyexchange function in s3clnt.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h, when an anonymous ECDH cipher suite is used, allows remote attackers to cause a denial of service NULL pointer dereference and client crash by triggering a NULL certificate...
SOL15300 - Apache HTTP Server mod_dav DoS vulnerability CVE-2013-6438
Recommended Action ARX If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the table does not list any version in the column, then no upgrade candidate currently exists. To mitigate th...
SOL14201 - BIND denial-of-service attack CVE-2012-5166/CVE-2012-4244
Recommended Action To eliminate this vulnerability, upgrade to a version that is listed in the Versions known to be not vulnerable column in the previous table. To mitigate this vulnerability, you can disable recursion of the DNS server. To do so, perform the following procedure: Impact of action...
SOL8077 - BIND 8 vulnerability CVE-2007-2930
The NSIDSHUFFLEONLY and NSIDUSEPOOL PRNG algorithms in ISC BIND 8 before 8.4.7-P1 generate predictable DNS query identifiers when sending outgoing queries such as NOTIFY messages when answering questions as a resolver, which allows remote attackers to poison DNS caches using unknown vectors...
SOL3568 - DNS denial of service vulnerability - CAN-2004-0789
Vulnerability description and product information: Multiple implementations of the DNS protocol, including 1 Poslib 1.0.2-1 and earlier as used by Posadis, 2 Axis Network products before firmware 3.13, and 3 Men & Mice Suite 2.2x before 2.2.3 and 3.5.x before 3.5.2, allow remote attackers to caus...
K000148259: libarchive vulnerability CVE-2016-10350 and CVE-2016-10349
Security Advisory Description CVE-2016-10350 The archivereadformatcabreadheader function in archivereadsupportformatcab.c in libarchive 3.2.2 allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via a crafted file. CVE-2016-10349 The archivele32de...
K05710614: BIG-IP HSB vulnerability CVE-2024-39778
Security Advisory Description When a stateless virtual server is configured on a BIG-IP system with a High-Speed Bridge HSB, undisclosed requests can cause virtual servers to stop processing client connections and the Traffic Management Microkernel TMM to terminate. CVE-2024-39778 Impact Traffic ...
K000139698: Python vulnerabilities CVE-2016-5636, CVE-2018-1000802, CVE-2022-48565 and CVE-2023-36632
Security Advisory Description CVE-2016-5636 Integer overflow in the getdata function in zipimport.c in CPython aka Python before 2.7.12, 3.x before 3.4.5, and 3.5.x before 3.5.2 allows remote attackers to have unspecified impact via a negative data size value, which triggers a heap-based buffer...
K000139641: libxml2 vulnerability CVE-2023-28484
Security Advisory Description In libxml2 before 2.10.4, parsing of certain invalid XSD schemas can lead to a NULL pointer dereference and subsequently a segfault. This occurs in xmlSchemaFixupComplexType in xmlschemas.c. CVE-2023-28484 Impact This vulnerability allows a remote, authenticated...