6294 matches found
SOL16829 - Linux vulnerability CVE-2014-7825
Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy...
SOL16707 - cURL and libcurl vulnerability CVE-2015-3148
cURL and libcurl 7.10.6 through 7.41.0 does not properly re-use authenticated Negotiate connections, which allows remote attackers to connect as other users via a request. CVE-2015-3148...
SOL16472 - glibc vulnerability CVE-2013-7424
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL16389 - Multiple MySQL vulnerabilities
Vulnerability Recommended Actions If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not...
SOL16318 - OpenSSL vulnerability CVE-2015-0287
Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version...
SOL16364 - GNU C Library (glibc) vulnerability CVE-2012-3406
Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version...
SOL15630 - TLS in Mozilla NSS vulnerability CVE-2013-1620
Vulnerability Recommended Actions If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the table does not list any version in the column, then no upgrade candidate currently exists...
SOL15342 - OpenSSL vulnerability CVE-2014-3470
The ssl3sendclientkeyexchange function in s3clnt.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h, when an anonymous ECDH cipher suite is used, allows remote attackers to cause a denial of service NULL pointer dereference and client crash by triggering a NULL certificate...
SOL8077 - BIND 8 vulnerability CVE-2007-2930
The NSIDSHUFFLEONLY and NSIDUSEPOOL PRNG algorithms in ISC BIND 8 before 8.4.7-P1 generate predictable DNS query identifiers when sending outgoing queries such as NOTIFY messages when answering questions as a resolver, which allows remote attackers to poison DNS caches using unknown vectors...
SOL7827 - tcpdump 3.9.6 vulnerability CVE-2007-3798
For information about this advisory, refer to the Common Vulnerabilities and Exposures website at the following location:...
SOL5857 - Client certificate check vulnerability in Apache - CVE-2005-2700
In the default configuration, BIG-IP and 3-DNS do not require client certificates to connect to the Configuration utility. This vulnerability cannot be exploited without making unsupported changes to the BIG-IP or 3-DNS web server configuration. This problem was tracked as CR53583 and CR53585 and...
SOL6876 - OpenSSH vulnerabilities CVE-2006-5052
This security advisory describes an OpenSSH vulnerability. OpenSSH versions previous to version 4.4, on platforms with GSSAPI enabled, allow remote attackers to determine the validity of usernames through a Generic Security Services Application Program Interface GSSAPI authentication abort...
K000148250: PostgreSQL vulnerabilities CVE-2016-0766, CVE-2015-3167, CVE-2015-0243, CVE-2015-0242, and CVE-2015-0241
Security Advisory Description CVE-2016-0766 PostgreSQL before 9.1.20, 9.2.x before 9.2.15, 9.3.x before 9.3.11, 9.4.x before 9.4.6, and 9.5.x before 9.5.1 does not properly restrict access to unspecified custom configuration settings GUCS for PL/Java, which allows attackers to gain privileges via...
K000140505: Apache HTTPD vulnerability CVE-2024-38473
Security Advisory Description Encoding problem in modproxy in Apache HTTP Server 2.4.59 and earlier allows request URLs with incorrect encoding to be sent to backend services, potentially bypassing authentication via crafted requests. Users are recommended to upgrade to version 2.4.60, which fixe...
K000139682: Speculative race conditions vulnerability CVE-2024-2193
Security Advisory Description A Speculative Race Condition SRC vulnerability that impacts modern CPU architectures supporting speculative execution related to Spectre V1 has been disclosed. An unauthenticated attacker can exploit this vulnerability to disclose arbitrary data from the CPU using ra...
K000139641: libxml2 vulnerability CVE-2023-28484
Security Advisory Description In libxml2 before 2.10.4, parsing of certain invalid XSD schemas can lead to a NULL pointer dereference and subsequently a segfault. This occurs in xmlSchemaFixupComplexType in xmlschemas.c. CVE-2023-28484 Impact This vulnerability allows a remote, authenticated...
K000139652: Intel CPU vulnerability CVE-2023-23583
Security Advisory Description Sequence of processor instructions leads to unexpected behavior for some IntelR Processors may allow an authenticated user to potentially enable escalation of privilege and/or information disclosure and/or denial of service via local access. CVE-2023-23583 Impact Thi...
K000138991: BIND vulnerability CVE-2023-6516
Security Advisory Description To keep its cache database efficient, named running as a recursive resolver occasionally attempts to clean up the database. It uses several methods, including some that are asynchronous: a small chunk of memory pointing to the cache element that can be cleaned up is...
K000138640: Perl vulnerability CVE-2023-47038
Security Advisory Description A vulnerability was found in perl. This issue occurs when a crafted regular expression is compiled by perl, which can allow an attacker controlled byte buffer overflow in a heap allocated buffer. CVE-2023-47038 Impact This vulnerability could allow a local...
K000138426: glibc vulnerabilities CVE-2023-6246, CVE-2023-6779, and CVE-2023-6780
Security Advisory Description CVE-2023-6246 A heap-based buffer overflow was found in the vsysloginternal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when the openlog function was not called, or called with the ident argument set t...
K000134517: Eclipse vulnerability CVE-2020-6950
Security Advisory Description Directory traversal in Eclipse Mojarra before 2.3.14 allows attackers to read arbitrary files via the loc parameter or con parameter. CVE-2020-6950 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Product...
K000133432: Intel CPU vulnerability CVE-2022-21216
Security Advisory Description Insufficient granularity of access control in out-of-band management in some IntelR Atom and Intel Xeon Scalable Processors may allow a privileged user to potentially enable escalation of privilege via adjacent network access. CVE-2022-21216 Impact This vulnerability...
K15868: Multiple Wireshark vulnerabilities
Security Advisory Description CVE-2013-4074 The dissectcapwapdata function in epan/dissectors/packet-capwap.c in the CAPWAP dissector in Wireshark 1.6.x before 1.6.16 and 1.8.x before 1.8.8 incorrectly uses a -1 data value to represent an error condition, which allows remote attackers to cause a...
K22206205: Intel vulnerabilities CVE-2020-0548 CVE-2020-0549
Security Advisory Description CVE-2020-0548 Cleanup errors in some data cache evictions for some IntelR Processors may allow an authenticated user to potentially enable information disclosure via local access. CVE-2020-0549 Cleanup errors in some IntelR Processors may allow an authenticated user ...
K50394032: Java SE vulnerabilities CVE-2018-3149, CVE-2018-3169, and CVE-2018-3209
Security Advisory Description CVE-2018-3149 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: JNDI. Supported versions that are affected are Java SE: 6u201, 7u191, 8u182 and 11; Java SE Embedded: 8u181; JRockit: R28.3.19. Difficult to exploit...
K40564589: PHP vulnerability CVE-2016-7126
Security Advisory Description The imagetruecolortopalette function in ext/gd/gd.c in PHP before 5.6.25 and 7.x before 7.0.10 does not properly validate the number of colors, which allows remote attackers to cause a denial of service selectcolors allocation error and out-of-bounds write or possibl...
K17242: Linux kernel SCTP vulnerability CVE-2015-1421
Security Advisory Description Use-after-free vulnerability in the sctpassocupdate function in net/sctp/associola.c in the Linux kernel before 3.18.8 allows remote attackers to cause a denial of service slab corruption and panic or possibly have unspecified other impact by triggering an INIT...
K32734107: BIG-IP APM vulnerability CVE-2021-23052
Security Advisory Description An open redirect vulnerability exists on virtual servers enabled with a BIG-IP APM access policy. This vulnerability allows an unauthenticated malicious user to build an open redirect URI. CVE-2021-23052 Impact An unauthenticated attacker can create an open redirect...
K02694732: BIG-IP Advanced WAF and ASM bd vulnerability CVE-2022-41691
Security Advisory Description When an F5 BIG-IP Advanced WAF or ASM security policy is configured on a virtual server, undisclosed requests can cause the bd process to terminate. CVE-2022-41691 Impact Traffic is disrupted while the bd process restarts. This vulnerability allows a remote...
K63025104: NodeJS vulnerability CVE-2018-7160
Security Advisory Description The Node.js inspector, in 6.x and later is vulnerable to a DNS rebinding attack which could be exploited to perform remote code execution. An attack is possible from malicious websites open in a web browser on the same computer, or another computer with network acces...
K80970653: BIG-IP iRules vulnerability CVE-2022-33962
Security Advisory Description The 'node' iRules command may allow an attacker to bypass the access control restrictions for a self IP address, regardless of the port lockdown settings.CVE-2022-33962 Impact This vulnerability may allow an authenticated attacker with the iRule Manager role to creat...
K90492697: OpenSSL vulnerability CVE-2016-6306
Security Advisory Description The certificate parser in OpenSSL before 1.0.1u and 1.0.2 before 1.0.2i might allow remote attackers to cause a denial of service out-of-bounds read via crafted certificate operations, related to s3clnt.c and s3srvr.c. CVE-2016-6306 Impact This vulnerability may allo...
K34205867: Server component of Oracle MySQL vulnerabilities CVE-2016-8327, CVE-2017-3238, CVE-2017-3251, CVE-2017-3256, and CVE-2017-3258
Security Advisory Description CVE-2016-8327 Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Replication. Supported versions that are affected are 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with...
K16937: OpenSSL vulnerability CVE-2015-1793
Security Advisory Description Description The X509verifycert function in crypto/x509/x509vfy.c in OpenSSL 1.0.1n, 1.0.1o, 1.0.2b, and 1.0.2c does not properly process X.509 Basic Constraints CA values during identification of alternative certificate chains, which allows remote attackers to spoof ...
K71245322: NTP vulnerability CVE-2015-8138
Security Advisory Description NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to bypass the origin timestamp validation via a packet with an origin timestamp set to zero. CVE-2015-8138 Impact An attacker may be able to disable time synchronization with the server or push...
K16859: SUSE coreutils vulnerabilities CVE-2013-0221, CVE-2013-0222, and CVE-2013-0223
Security Advisory Description CVE-2013-0221 The SUSE coreutils-i18n.patch for GNU coreutils allows context-dependent attackers to cause a denial of service segmentation fault and crash via a long string to the sort command, when using the 1 -d or 2 -M switch, which triggers a stack-based buffer...
K16013: OpenSSL vulnerability CVE-2014-3569
Security Advisory Description The ssl23getclienthello function in s23srvr.c in OpenSSL 0.9.8zc, 1.0.0o, and 1.0.1j does not properly handle attempts to use unsupported protocols, which allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via an unexpected...
K15313: Java SE vulnerabilities CVE-2014-0456, CVE-2014-0457, and CVE-2014-2421
Security Advisory Description CVE-2014-0456 Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot. CVE-2014-0457 Unspecified vulnerability in...
K53313971: Samba vulnerabilities CVE-2016-2110 and CVE-2016-2115
Security Advisory Description CVE-2016-2110 The NTLMSSP authentication implementation in Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 allows man-in-the-middle attackers to perform protocol-downgrade attacks by modifying the client-server data stream to remove...
K12566: OpenSSL vulnerability CVE-2010-3864
Security Advisory Description Note : For information about signing up to receive security notice updates from F5, refer to K9970: Subscribe to email notifications regarding F5 products and security announcements. Note : Versions that are not listed in this article have not been evaluated for...
K14316: BIND vulnerability CVE-2012-3817
Security Advisory Description ISC BIND 9.4.x, 9.5.x, 9.6.x, and 9.7.x before 9.7.6-P2; 9.8.x before 9.8.3-P2; 9.9.x before 9.9.1-P2; and 9.6-ESV before 9.6-ESV-R7-P2, when DNSSEC validation is enabled, does not properly initialize the failing-query cache, which allows remote attackers to cause a...
K88124225: libpng vulnerability CVE-2017-12652
Security Advisory Description libpng before 1.6.32 does not properly check the length of chunks against the user limit. CVE-2017-12652 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Product Development has evaluated the currently support...
K16819: Linux kernel vulnerability CVE-2015-3331
Security Advisory Description The driverrfc4106decrypt function in arch/x86/crypto/aesni-intelglue.c in the Linux kernel before 3.19.3 does not properly determine the memory locations used for encrypted data, which allows context-dependent attackers to cause a denial of service buffer overflow an...
K67644055: PHP vulnerability CVE-2016-5772
Security Advisory Description Double free vulnerability in the phpwddxprocessdata function in wddx.c in the WDDX extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via...
K23030550: Linux kernel vulnerability CVE-2016-8399
Security Advisory Description An elevation of privilege vulnerability in the kernel networking subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged proce...
K41997459: BIG-IP APM XSS vulnerability CVE-2021-23054
Security Advisory Description A reflected cross-site scripting XSS vulnerability exists in the resource information page for authenticated users when a full webtop is configured on the BIG-IP APM system. CVE-2021-23054 Impact An attacker can craft a malicious URL and send it to an authenticated...
K08037765: Qt vulnerabilities CVE-2018-19869, CVE-2018-19870, CVE-2018-19871, and CVE-2018-19873
Security Advisory Description CVE-2018-19869 An issue was discovered in Qt before 5.11.3. A malformed SVG image causes a segmentation fault in qsvghandler.cpp. CVE-2018-19870 An issue was discovered in Qt before 5.11.3. A malformed GIF image causes a NULL pointer dereference in QGifHandler...
K13074505: libarchive vulnerability CVE-2016-8687
Security Advisory Description Stack-based buffer overflow in the safefprintf function in tar/util.c in libarchive 3.2.1 allows remote attackers to cause a denial of service via a crafted non-printable multibyte character in a filename. CVE-2016-8687 Impact For BIG-IP and VIPRION platforms that ar...
K16496491: Multiple Java vulnerabilities
Security Advisory Description CVE-2020-2754 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Scripting. Supported versions that are affected are Java SE: 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated...
K91013510: SSL Forward Proxy vulnerability CVE-2022-23016
Security Advisory Description When BIG-IP SSL Forward Proxy with TLS 1.3 is configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel TMM to terminate. CVE-2022-23016 Impact Traffic is disrupted while the TMM process restarts. This vulnerability allows a...