6413 matches found
K35226442: Apache Struts vulnerabilities CVE-2019-0233 and CVE-2019-0230
Security Advisory Description CVE-2019-0233 An access permission override in Apache Struts 2.0.0 to 2.5.20 may cause a Denial of Service when performing a file upload. CVE-2019-0230 Apache Struts 2.0.0 to 2.5.20 forced double OGNL evaluation, when evaluated on raw user input in tag attributes, ma...
K01730454: Ruby vulnerabilities CVE-2017-0899, CVE-2017-0900, CVE-2017-0901, and CVE-2017-0902
Security Advisory Description CVE-2017-0899 RubyGems version 2.6.12 and earlier is vulnerable to maliciously crafted gem specifications that include terminal escape characters. Printing the gem specification would execute terminal escape sequences. CVE-2017-0900 RubyGems version 2.6.12 and earlie...
K71796229: Linux kernel vulnerability CVE-2017-14489
Security Advisory Description The iscsiifrx function in drivers/scsi/scsitransportiscsi.c in the Linux kernel through 4.13.2 allows local users to cause a denial of service panic by leveraging incorrect length validation. CVE-2017-14489 Impact This vulnerability allows a local user to cause a...
K61547155: QEMU vulnerabilities CVE-2020-10761, CVE-2020-13361, CVE-2020-13362, CVE-2020-13659, and CVE-2020-13754
Security Advisory Description CVE-2020-10761 An assertion failure issue was found in the Network Block DeviceNBD Server in all QEMU versions before QEMU 5.0.1. This flaw occurs when an nbd-client sends a spec-compliant request that is near the boundary of maximum permitted request length. A remot...
K36942191: Advanced WAF and BIG-IP ASM MySQL database vulnerability CVE-2021-23053
Security Advisory Description When the brute force protection feature of ASM/Adv WAF is enabled on a virtual server and the virtual server is under brute force attack, the MySQL database may run out of disk space due to lack of row limit on undisclosed tables in the MYSQL database. CVE-2021-23053...
K01713115: BIND vulnerability CVE-2019-6465
Security Advisory Description Controls for zone transfers may not be properly applied to Dynamically Loadable Zones DLZs if the zones are writable Versions affected: BIND 9.9.0 - 9.10.8-P1, 9.11.0 - 9.11.5-P2, 9.12.0 - 9.12.3-P2, and versions 9.9.3-S1 - 9.11.5-S3 of BIND 9 Supported Preview...
K42801711: node-ipc vulnerability CVE-2022-23812
Security Advisory Description This affects the package node-ipc from 10.1.1 and before 10.1.3. This package contains malicious code, that targets users with IP located in Russia or Belarus, and overwrites their files with a heart emoji. Note: from versions 11.0.0 onwards, instead of having...
K93723284: BIG-IP PEM and AFM TMUI, TMSH, and iControl REST vulnerability CVE-2022-41813
Security Advisory Description When the BIG-IP system is provisioned with the PEM or AFM module, an undisclosed input can cause the Traffic Management Microkernel TMM to terminate. CVE-2022-41813 Impact Traffic is disrupted while the TMM process restarts. This vulnerability allows a remote...
K05513373: Linux kernel vulnerability CVE-2016-9576
Security Advisory Description The blkrqmapuseriov function in block/blk-map.c in the Linux kernel before 4.8.14 does not properly restrict the type of iterator, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service use-after-free by leveraging...
K86075480: Java SE vulnerability CVE-2018-3214
Security Advisory Description Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Sound. Supported versions that are affected are Java SE: 6u201, 7u191 and 8u182; Java SE Embedded: 8u181; JRockit: R28.3.19. Easily exploitable vulnerability allows...
K30216728: Multiple PHP vulnerabilities
Security Advisory Description CVE-2016-7128 The exifprocessIFDinTIFF function in ext/exif/exif.c in PHP before 5.6.25 and 7.x before 7.0.10 mishandles the case of a thumbnail offset that exceeds the file size, which allows remote attackers to obtain sensitive information from process memory via a...
K56551263: tcpdump vulnerability CVE-2018-14880
Security Advisory Description The OSPFv3 parser in tcpdump before 4.9.3 has a buffer over-read in print-ospf6.c:ospf6printlshdr. CVE-2018-14880 Impact An attacker can gain access to sensitive information and can also cause a denial of service DoS. Security Advisory Status F5 Product Development h...
K42143118: PHP vulnerability CVE-2016-10712
Security Advisory Description In PHP before 5.5.32, 5.6.x before 5.6.18, and 7.x before 7.0.3, all of the return values of streamgetmetadata can be controlled if the input can be controlled e.g., during file uploads. For example, a "$uri = streamgetmetadatafopen$file, "r"'uri'" call mishandles th...
K15031791: Samba vulnerability CVE-2015-5330
Security Advisory Description ldb before 1.1.24, as used in the AD LDAP server in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, mishandles string lengths, which allows remote attackers to obtain sensitive information from daemon heap memory by sending crafted packets and th...
K16864: SSL/TLS RC4 vulnerability CVE-2015-2808
Security Advisory Description The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream...
K15677: Linux kernel vulnerability CVE-2014-4014
Security Advisory Description The capabilities implementation in the Linux kernel before 3.14.8 does not properly consider that namespaces are inapplicable to inodes, which allows local users to bypass intended chmod restrictions by first creating a user namespace, as demonstrated by setting the...
K17378: SNMP vulnerability CVE-2015-5621
Security Advisory Description The snmppduparse function in snmpapi.c in net-snmp 5.7.2 and earlier does not remove the varBind variable in a netsnmpvariablelist item when parsing of the SNMP PDU fails, which allows remote attackers to cause a denial of service crash and possibly execute arbitrary...
K11251130: NTP vulnerability CVE-2016-1547
Security Advisory Description An off-path attacker can cause a preemptible client association to be demobilized in NTP 4.2.8p4 and earlier and NTPSec a5fb34b9cc89b92a8fef2f459004865c93bb7f92 by sending a crypto NAK packet to a victim client with a spoofed source address of an existing associated...
K41351250: BIG-IP Advanced WAF and BIG-IP ASM vulnerability CVE-2021-23031
Security Advisory Description An authenticated user may perform a privilege escalation on the BIG-IP Advanced WAF and ASM Configuration utility. CVE-2021-23031 Impact When this vulnerability is exploited, an authenticated attacker with access to the Configuration utility can execute arbitrary...
K11186236: Linux kernel KVM subsystem vulnerability CVE-2019-6974
Security Advisory Description In the Linux kernel before 4.20.8, kvmioctlcreatedevice in virt/kvm/kvmmain.c mishandles reference counting because of a race condition, leading to a use-after-free. CVE-2019-6974 Impact BIG-IP An attacker may use this vulnerability to cause a vCMP guest to crash,...
SOL30403302 - ImageMagick vulnerabilities CVE-2015-8895 and CVE-2015-8896
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL35155453 - Multiple LibTIFF vulnerabilities
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL38110373 - Apache Tomcat vulnerability CVE-2014-7810
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL73644551 - Apache Tomcat vulnerability CVE-2016-6325
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL92930514 - GO vulnerability CVE-2016-5386
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL22334603 - OpenSSL vulnerability CVE-2016-0799
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL32790144 - NTP vulnerability CVE-2015-7973
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL59503294 - libjpeg vulnerability CVE-2013-6629
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL23332326 - Apache HTTPD vulnerability CVE-2010-2791
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL17253 - BIG-IP Configuration utility vulnerability CVE-2015-4040
Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can...
SOL16914 - OpenSSL vulnerability CVE-2015-1791
For BIG-IP, Enterprise Manager, and BIG-IQ systems, the vulnerable code exists on the system; however, it is not used in the way that exposes the system to the vulnerability. For LineRate systems, the vulnerable code exists on the system; however, it is not used in the way that exposes the system...
SOL16859 - SUSE coreutils vulnerabilities CVE-2013-0221, CVE-2013-0222, and CVE-2013-0223
Vulnerability Recommended Actions If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not...
SOL16472 - glibc vulnerability CVE-2013-7424
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL16389 - Multiple MySQL vulnerabilities
Vulnerability Recommended Actions If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not...
SOL16318 - OpenSSL vulnerability CVE-2015-0287
Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version...
SOL16320 - OpenSSL vulnerability CVE-2015-0289
Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can...
SOL15967 - glibc and eglibc vulnerability CVE-2011-2702
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL15732 - Linux kernel vulnerability CVE-2013-0311
Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version...
SOL15322 - PHP vulnerability CVE-2014-0185
Recommended action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents. SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5 critical issue...
SOL15172 - BIND vulnerability CVE-2010-3762
F5 Product Development has determined that these BIG-IP and Enterprise Manager versions use a vulnerable version of BIND. However, the vulnerable code is not used by default on these BIG-IP or Enterprise Manager systems. These products are only vulnerable if BIND was manually configured...
SOL12566 - OpenSSL vulnerability CVE-2010-3864
For information about this advisory, refer to the Common Vulnerabilities and Exposures website at the following location:...
SOL9110 - Apache Tomcat information disclosure vulnerability - CVE-2008-2370
Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16, when a RequestDispatcher is used, performs path normalization before removing the query string from the URI, which allows remote attackers to conduct directory traversal attacks and read arbitrary files through a...
SOL5857 - Client certificate check vulnerability in Apache - CVE-2005-2700
In the default configuration, BIG-IP and 3-DNS do not require client certificates to connect to the Configuration utility. This vulnerability cannot be exploited without making unsupported changes to the BIG-IP or 3-DNS web server configuration. This problem was tracked as CR53583 and CR53585 and...
SOL6876 - OpenSSH vulnerabilities CVE-2006-5052
This security advisory describes an OpenSSH vulnerability. OpenSSH versions previous to version 4.4, on platforms with GSSAPI enabled, allow remote attackers to determine the validity of usernames through a Generic Security Services Application Program Interface GSSAPI authentication abort...
K000148278: Spring framework CVE-2024-38820 vulnerability
Security Advisory Description The fix for CVE-2022-22968 made disallowedFields patterns in DataBinder case insensitive. However, String.toLowerCase has some Locale dependent exceptions that could potentially result in fields not protected as expected. CVE-2024-38820 Impact There is no impact; F5...
K000141317: PHP vulnerabilities CVE-2017-9225, CVE-2017-8923, CVE-2016-7413, CVE-2016-9935, and CVE-2016-7417
Security Advisory Description CVE-2017-9225 An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A stack out-of-bounds write in onigencunicodegetcasefoldcodesbystr occurs during regular expression compilation. Code point...
K000140505: Apache HTTPD vulnerability CVE-2024-38473
Security Advisory Description Encoding problem in modproxy in Apache HTTP Server 2.4.59 and earlier allows request URLs with incorrect encoding to be sent to backend services, potentially bypassing authentication via crafted requests. Users are recommended to upgrade to version 2.4.60, which fixe...
K000139627: NGINX HTTP/3 QUIC vulnerability CVE-2024-34161
Security Advisory Description When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module and the network infrastructure supports a Maximum Transmission Unit MTU of 4096 or greater without fragmentation, undisclosed QUIC packets can cause NGINX worker processes to leak previously...
K000139630: Expat vulnerability CVE-2023-52425
Security Advisory Description libexpat through 2.5.0 allows a denial of service resource consumption because many full reparsings are required in the case of a large token for which multiple buffer fills are needed. CVE-2023-52425 Impact There is no impact; F5 products are not affected by this...
K000138640: Perl vulnerability CVE-2023-47038
Security Advisory Description A vulnerability was found in perl. This issue occurs when a crafted regular expression is compiled by perl, which can allow an attacker controlled byte buffer overflow in a heap allocated buffer. CVE-2023-47038 Impact This vulnerability could allow a local...