6294 matches found
K44945790: glibc vulnerability CVE-2021-3326
Security Advisory Description The iconv function in the GNU C Library aka glibc or libc6 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service. CVE-2021-3326...
K09413574: OpenSSL vulnerability CVE-2022-1434
Security Advisory Description The OpenSSL 3.0 implementation of the RC4-MD5 ciphersuite incorrectly uses the AAD data as the MAC key. This makes the MAC key trivially predictable. An attacker could exploit this issue by performing a man-in-the-middle attack to modify data being sent from one...
K91327225: Linux sudo process vulnerability CVE-2019-18634
Security Advisory Description In Sudo before 1.8.26, if pwfeedback is enabled in /etc/sudoers, users can trigger a stack-based buffer overflow in the privileged sudo process. pwfeedback is a default setting in Linux Mint and elementary OS; however, it is NOT the default for upstream and many othe...
K68755210: BIG-IP SYN Cookie Protection vulnerability CVE-2022-23011
Security Advisory Description On certain hardware BIG-IP platforms, virtual servers may stop responding while processing TCP traffic due to an issue in the SYN Cookie Protection feature. CVE-2022-23011 Impact On certain hardware BIG-IP platforms, traffic is disrupted for new client connections...
K00602225: Advanced WAF and BIG-IP ASM vulnerability CVE-2021-23028
Security Advisory Description When JSON content profiles are configured for URLs as part of an F5 Advanced Web Application Firewall WAF/BIG-IP ASM security policy and applied to a virtual server, undisclosed requests may cause the BIG-IP ASM bd process to terminate. CVE-2021-23028 Impact Traffic ...
K33924005: Oracle Java SE vulnerability CVE-2018-2799
Security Advisory Description Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: JAXP. Supported versions that are affected are Java SE: 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows...
K70321874: Oracle Java SE vulnerability CVE-2018-2795
Security Advisory Description Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Security. Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allo...
K28023545: MySQL vulnerability CVE-2022-21515
Security Advisory Description Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Options. Supported versions that are affected are 5.7.38 and prior and 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple...
K12183968: PHP vulnerability CVE-2021-21702
Security Advisory Description In PHP versions 7.3.x below 7.3.27, 7.4.x below 7.4.15 and 8.0.x below 8.0.2, when using SOAP extension to connect to a SOAP server, a malicious SOAP server could return malformed XML data as a response that would cause PHP to access a null pointer and thus cause a...
K16949: Expat vulnerabilities CVE-2012-0876 and CVE-2012-1148
Security Advisory Description CVE-2012-0876 The XML parser xmlparse.c in expat before 2.1.0 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service CPU consumption via an XML file with many...
K000132697: Curl vulnerability CVE-2022-43551
Security Advisory Description A vulnerability exists in curl 7.87.0 HSTS check that could be bypassed to trick it to keep using HTTP. Using its HSTS support, curl can be instructed to use HTTPS instead of using an insecure clear-text HTTP step even when HTTP is provided in the URL. However, the...
K37236006: SQLite vulnerabilities CVE-2015-3414 and CVE-2015-3415
Security Advisory Description CVE-2015-3414 SQLite before 3.8.9 does not properly implement the dequoting of collation-sequence names, which allows context-dependent attackers to cause a denial of service uninitialized memory access and application crash or possibly have unspecified other impact...
K64765350: QEMU vulnerability CVE-2015-4037
Security Advisory Description The slirpsmb function in net/slirp.c in QEMU 2.3.0 and earlier creates temporary files with predictable names, which allows local users to cause a denial of service instantiation failure by creating /tmp/qemu-smb.- files before the program. CVE-2015-4037 Impact There...
K52952871: Multiple RubyGems vulnerabilities
Security Advisory Description CVE-2018-1000073 RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2.4 series: 2.4.3 and earlier, Ruby 2.5 series: 2.5.0 and earlier, prior to trunk revision 62422 contains a Directory Traversal vulnerability in...
K13591074: BIND vulnerability CVE-2020-8625
Security Advisory Description BIND servers are vulnerable if they are running an affected version and are configured to use GSS-TSIG features. In a configuration which uses BIND's default settings the vulnerable code path is not exposed, but a server can be rendered vulnerable by explicitly setti...
K22893952: Apache vulnerability CVE-2019-0190
Security Advisory Description A bug exists in the way modssl handled client renegotiations. A remote attacker could send a carefully crafted request that would cause modssl to enter a loop leading to a denial of service. This bug can be only triggered with Apache HTTP Server version 2.4.37 when...
K74009656: BIND vulnerability CVE-2018-5743
Security Advisory Description By design, BIND is intended to limit the number of TCP clients that can be connected at any given time. The number of allowed connections is a tunable parameter which, if unset, defaults to a conservative value for most servers. Unfortunately, the code which was...
K58523450: Linux kernel vulnerability CVE-2020-14386
Security Advisory Description A flaw was found in the Linux kernel before 5.9-rc4. Memory corruption can be exploited to gain root privileges from unprivileged processes. The highest threat from this vulnerability is to data confidentiality and integrity. CVE-2020-14386 Impact There is no impact;...
K04734043: Java vulnerability CVE-2017-10198
Security Advisory Description Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Security. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Difficult to exploit vulnerability allows...
K66510514: TMM vulnerability CVE-2022-34862
Security Advisory Description When an LTM virtual server is configured to perform normalization, undisclosed requests can cause the Traffic Management Microkernel TMM to terminate. CVE-2022-34862 Impact This vulnerability affects systems with one or more of the following configurations. Affected...
K17520069: QEMU 3.0.0 heap-based buffer overflow CVE-2019-6778
Security Advisory Description In QEMU 3.0.0, tcpemu in slirp/tcpsubr.c has a heap-based buffer overflow. CVE-2019-6778 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Product Development has evaluated the currently supported releases for...
K33567812: Kernel vulnerabilities CVE-2017-12192 and CVE-2017-15274
Security Advisory Description CVE-2017-12192 The keyctlreadkey function in security/keys/keyctl.c in the Key Management subcomponent in the Linux kernel before 4.13.5 does not properly consider that a key may be possessed but negatively instantiated, which allows local users to cause a denial of...
K15677: Linux kernel vulnerability CVE-2014-4014
Security Advisory Description The capabilities implementation in the Linux kernel before 3.14.8 does not properly consider that namespaces are inapplicable to inodes, which allows local users to bypass intended chmod restrictions by first creating a user namespace, as demonstrated by setting the...
K4009: Vulnerabilities in libpng - CAN-2004-0597, CAN-2004-0598, CAN-2004-0599
Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...
K70415522: TMM vulnerability CVE-2021-23035
Security Advisory Description When an HTTP profile is configured on a virtual server, after a specific sequence of packets, chunked responses can cause the Traffic Management Microkernel TMM to terminate. CVE-2021-23035 Impact Traffic is disrupted while the TMM process restarts. This vulnerabilit...
K16620: QEMU vulnerability CVE-2015-3456
Security Advisory Description An out-of-bounds memory access flaw, also known as "VENOM," was found in the way QEMU's virtual Floppy Disk Controller FDC handled FIFO buffer access while processing certain FDC commands. A privileged guest user could use this flaw to crash the guest or, potentially...
K31300371: Linux kernel vulnerability CVE-2013-4483
Security Advisory Description The ipcrcuputref function in ipc/util.c in the Linux kernel before 3.10 does not properly manage a reference count, which allows local users to cause a denial of service memory consumption or system crash via a crafted application. CVE-2013-4483 Impact This...
K04043655: Linux kernel vulnerability CVE-2019-14816
Security Advisory Description There is heap-based buffer overflow in kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of servicesystem crash or possibly execute arbitrary code. CVE-2019-14816 Impact There is no...
SOL63712424 - PHP vulnerability CVE-2015-8935
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL75004031 - Python vulnerability CVE-2016-1000110
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL51324410 - SAMBA vulnerabilities CVE-2015-7560 and CVE-2016-0771
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL59503294 - libjpeg vulnerability CVE-2013-6629
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL73189318 - Linux kernel vulnerability CVE-2015-7509
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL13405416 - QEMU vulnerability CVE-2012-3515
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL91245485 - RSA-CRT key leak vulnerability CVE-2015-5738
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL10600056 - NTP vulnerability CVE-2015-5300
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL17457 - Linux kernel vulnerability CVE-2015-6252
Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5 critical issue...
SOL16976 - PHP vulnerability CVE-2015-1352
Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL995...
SOL16949 - Expat vulnerabilities CVE-2012-0876 and CVE-2012-1148
Important: Certain product versions contain the affected code; however, those product versions do not parse untrusted XML input, and are, therefore, not exploitable. Vulnerability Recommended Actions If the previous table lists a version in the Versions known to be not vulnerable column, you can...
SOL16441 - MIT Kerberos 5 vulnerability CVE-2014-9423
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy...
SOL16319 - OpenSSL vulnerability CVE-2015-0288
Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version...
SOL15931 - Unbound vulnerability CVE-2014-8602
Recommended action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version...
SOL15405 - OpenSSL 0.9.8l vulnerability CVE-2009-4355
Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents. SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5 critical issue...
SOL15156 - OpenSSH vulnerability CVE-2009-2904
Recommended action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custo...
SOL14386 - BIND vulnerability CVE-2013-2266
Vulnerability Recommended Actions To eliminate this vulnerability, upgrade to a version that is listed in the Versions known to be not vulnerable column in the table. Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to...
SOL13597 - OpenSSL vulnerability CVE-2012-1165
The mimeparamcmp function in crypto/asn1/asnmime.c in OpenSSL before 0.9.8u and 1.x before 1.0.0h allows remote attackers to cause a denial of service NULL pointer dereference and application crash using a crafted S/MIME message; a different vulnerability than CVE-2006-7250...
SOL8920 - Linux kernel vulnerability CVE-2007-2876
A flaw in the connection tracking support for SCTP allows a remote user to cause a denial of service by dereferencing a NULL pointer. Information about this advisory is available at the following location: Note: This link takes you to a resource outside of AskF5, and it is possible that the...
SOL8922 - Linux kernel vulnerability CVE-2007-3739
A flaw in the stack expansion when using the hugetlb kernel on a PowerPC system allows a local user to cause a denial of service. Information about this advisory is available at the following location: Note: This link takes you to a resource outside of AskF5, and it is possible that the informati...
SOL6795 - ClamAV CHM Chunk Name Length DoS Vulnerability - CVE-2006-5295
The FirePass controller can be configured to provide anti-virus scanning of files uploaded through Portal Access using the ClamAV open source software. A vulnerability in ClamAV 0.88.4 and earlier versions could allow a remote attacker to crash the scanner process using a specially crafted...
SOL3568 - DNS denial of service vulnerability - CAN-2004-0789
Vulnerability description and product information: Multiple implementations of the DNS protocol, including 1 Poslib 1.0.2-1 and earlier as used by Posadis, 2 Axis Network products before firmware 3.13, and 3 Men & Mice Suite 2.2x before 2.2.3 and 3.5.x before 3.5.2, allow remote attackers to caus...