6414 matches found
K65260085: Linux kernel vulnerability CVE-2018-20784
Security Advisory Description In the Linux kernel before 4.20.2, kernel/sched/fair.c mishandles leaf cfsrq's, which allows attackers to cause a denial of service infinite loop in updateblockedaverages or possibly have unspecified other impact by inducing a high load. CVE-2018-20784 Impact There i...
K13331647: Linux kernel vulnerability CVE-2019-13233
Security Advisory Description In arch/x86/lib/insn-eval.c in the Linux kernel before 5.1.9, there is a use-after-free for access to an LDT entry because of a race condition between modifyldt and a BR exception for an MPX bounds violation. CVE-2019-13233 Impact There is no impact; F5 products are...
K53634325: Linux kernel vulnerability CVE-2019-19068
Security Advisory Description A memory leak in the rtl8xxxusubmitinturb function in drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxucore.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service memory consumption by triggering usbsubmiturb failures, aka CID-a2cdd07488e6...
K99998454: iControl REST vulnerability CVE-2016-5021
Security Advisory Description The iControl REST service in F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.5.x before 11.5.4, 11.6.x before 11.6.1, and 12.x before 12.0.0 HF3; BIG-IP DNS 12.x before 12.0.0 HF3; BIG-IP GTM 11.5.x before 11.5.4 and 11.6.x before 11.6.1;...
K14301401: MySQL vulnerabilities CVE-2018-3185, CVE-2018-3186, CVE-2018-3187, CVE-2018-3195, and CVE-2018-3200
Security Advisory Description CVE-2018-3185 Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: InnoDB. Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via...
K74009656: BIND vulnerability CVE-2018-5743
Security Advisory Description By design, BIND is intended to limit the number of TCP clients that can be connected at any given time. The number of allowed connections is a tunable parameter which, if unset, defaults to a conservative value for most servers. Unfortunately, the code which was...
K58523450: Linux kernel vulnerability CVE-2020-14386
Security Advisory Description A flaw was found in the Linux kernel before 5.9-rc4. Memory corruption can be exploited to gain root privileges from unprivileged processes. The highest threat from this vulnerability is to data confidentiality and integrity. CVE-2020-14386 Impact There is no impact;...
K91444306: Linux kernel vulnerability CVE-2019-12818
Security Advisory Description An issue was discovered in the Linux kernel before 4.20.15. The nfcllcpbuildtlv function in net/nfc/llcpcommands.c may return NULL. If the caller does not check for this, it will trigger a NULL pointer dereference. This will cause denial of service. This affects...
K62553631: Binutils vulnerabilities CVE-2018-7570, CVE-2018-9996, and CVE-2018-10372
Security Advisory Description CVE-2018-7570 The assignfilepositionsfornonloadsections function in elf.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service NULL pointer dereference and application crash vi...
K66510514: TMM vulnerability CVE-2022-34862
Security Advisory Description When an LTM virtual server is configured to perform normalization, undisclosed requests can cause the Traffic Management Microkernel TMM to terminate. CVE-2022-34862 Impact This vulnerability affects systems with one or more of the following configurations. Affected...
K17520069: QEMU 3.0.0 heap-based buffer overflow CVE-2019-6778
Security Advisory Description In QEMU 3.0.0, tcpemu in slirp/tcpsubr.c has a heap-based buffer overflow. CVE-2019-6778 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Product Development has evaluated the currently supported releases for...
K42232641: GRUB2 vulnerability CVE-2020-10713
Security Advisory Description A flaw was found in grub2, prior to version 2.06. An attacker may use the GRUB 2 flaw to hijack and tamper the GRUB verification process. This flaw also allows the bypass of Secure Boot protections. In order to load an untrusted or modified kernel, an attacker would...
K54213762: openjdk vulnerability CVE-2019-2949
Security Advisory Description Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Kerberos. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker wi...
K15683: Ruby vulnerability CVE-2013-4073
Security Advisory Description The OpenSSL::SSL.verifycertificateidentity function in lib/openssl/ssl.rb in Ruby 1.8 before 1.8.7-p374, 1.9 before 1.9.3-p448, and 2.0 before 2.0.0-p247 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509...
K4009: Vulnerabilities in libpng - CAN-2004-0597, CAN-2004-0598, CAN-2004-0599
Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...
K70306414: Linux kernel vulnerability CVE-2021-20292
Security Advisory Description There is a flaw reported in the Linux kernel in versions before 5.9 in drivers/gpu/drm/nouveau/nouveausgdma.c in nouveausgdmacreatettm in Nouveau DRM subsystem. The issue results from the lack of validating the existence of an object prior to performing operations on...
K70415522: TMM vulnerability CVE-2021-23035
Security Advisory Description When an HTTP profile is configured on a virtual server, after a specific sequence of packets, chunked responses can cause the Traffic Management Microkernel TMM to terminate. CVE-2021-23035 Impact Traffic is disrupted while the TMM process restarts. This vulnerabilit...
K16620: QEMU vulnerability CVE-2015-3456
Security Advisory Description An out-of-bounds memory access flaw, also known as "VENOM," was found in the way QEMU's virtual Floppy Disk Controller FDC handled FIFO buffer access while processing certain FDC commands. A privileged guest user could use this flaw to crash the guest or, potentially...
K31300371: Linux kernel vulnerability CVE-2013-4483
Security Advisory Description The ipcrcuputref function in ipc/util.c in the Linux kernel before 3.10 does not properly manage a reference count, which allows local users to cause a denial of service memory consumption or system crash via a crafted application. CVE-2013-4483 Impact This...
K41739114: Linux kernel vulnerability CVE-2014-6410
Security Advisory Description A stack overflow flaw caused by infinite recursion was found in the way the Linux kernel's Universal Disk Format UDF file system implementation processed indirect Information Control Blocks ICBs. An attacker with physical access to the system could use a specially...
K02349370: dom4j library vulnerability CVE-2020-10683
Security Advisory Description dom4j before 2.1.3 allows external DTDs and External Entities by default, which might enable XXE attacks. However, there is popular external documentation from OWASP showing how to enable the safe, non-default behavior in any application that uses dom4j. CVE-2020-106...
K000132537: OpenSSL vulnerabilities CVE-2022-4203, CVE-2023-0216, CVE-2023-0217, and CVE-2023-0401
Security Advisory Description CVE-2022-4203 A read buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or...
SOL63712424 - PHP vulnerability CVE-2015-8935
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL39712275 - PHP vulnerability CVE-2016-7414
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL76719230 - PHP vulnerability CVE-2015-4116
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL01837042 - Multiple Wireshark (tshark) vulnerabilities
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL03331206 - NTP vulnerability CVE-2016-4955
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL47009044 - FreeBSD vulnerability CVE-2016-1887
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL37603172 - Samba vulnerabilities CVE-2015-5370 and CVE-2016-2118
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL51324410 - SAMBA vulnerabilities CVE-2015-7560 and CVE-2016-0771
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL01948202 - Linux kernel vulnerability CVE-2016-0728
Vulnerability Recommended Actions None Supplemental Information SOL4602: Overview of the F5 security vulnerability response policy SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents...
SOL10600056 - NTP vulnerability CVE-2015-5300
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL17516 - NTP vulnerability CVE-2015-7852
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL17457 - Linux kernel vulnerability CVE-2015-6252
Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5 critical issue...
SOL17245 - Linux kernel vulnerability CVE-2014-9584
Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can...
SOL17127 - PHP vulnerability CVE-2014-9709
The GetCode function in gdgifin.c in GD 2.1.1 and earlier, as used in PHP before 5.5.21 and 5.6.x before 5.6.5, allows remote attackers to cause a denial of service buffer over-read and application crash via a crafted GIF image that is improperly handled by the gdImageCreateFromGif function...
SOL16949 - Expat vulnerabilities CVE-2012-0876 and CVE-2012-1148
Important: Certain product versions contain the affected code; however, those product versions do not parse untrusted XML input, and are, therefore, not exploitable. Vulnerability Recommended Actions If the previous table lists a version in the Versions known to be not vulnerable column, you can...
SOL16937 - OpenSSL vulnerability CVE-2015-1793
Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. F5 responds to vulnerabilities in accordance with the Severity values published in the previous table. The Severity value...
SOL16869 - logrotate vulnerability CVE-2011-1098
Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can...
SOL15630 - TLS in Mozilla NSS vulnerability CVE-2013-1620
Vulnerability Recommended Actions If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the table does not list any version in the column, then no upgrade candidate currently exists...
SOL15460 - OpenSSL Vulnerability CVE-2011-4109
Recommended action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the table does not list any version in the column, then no upgrade candidate currently exists. To mitigate this...
SOL15376 - OpenSSL 0.9.8k vulnerability CVE-2009-0789
Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents. SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5 critical issue...
SOL14410 - Multiple MySQL vulnerabilities
Vulnerability Recommended Actions To eliminate these vulnerabilities, upgrade to a version that is listed in the Versions known to be not vulnerable column in the previous table. For Enterprise Manager, if you are unable to upgrade to 3.1.0, you can mitigate the remote vulnerability by configurin...
SOL14386 - BIND vulnerability CVE-2013-2266
Vulnerability Recommended Actions To eliminate this vulnerability, upgrade to a version that is listed in the Versions known to be not vulnerable column in the table. Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to...
SOL13597 - OpenSSL vulnerability CVE-2012-1165
The mimeparamcmp function in crypto/asn1/asnmime.c in OpenSSL before 0.9.8u and 1.x before 1.0.0h allows remote attackers to cause a denial of service NULL pointer dereference and application crash using a crafted S/MIME message; a different vulnerability than CVE-2006-7250...
SOL12650 - PHP vulnerability CVE-2010-4645
The strtod.c function may allow context-dependent attackers to cause a denial-of-service via a certain floating-point value in scientific notation, which is not properly handled in x87 FPU registers. Information about this advisory is available at the following location: Note: The previous link...
SOL8921 - Linux kernel vulnerability CVE-2007-3740
A flaw in the CIFS filesystem could cause the umask values of a process to not be honored. Information about this advisory is available at the following location:...
SOL2319 - Insufficient MAC computation in OpenSSH - CAN-2003-0078
Obtaining and installing patches F5 has released a patch for BIG-IP and 3-DNS versions 4.2 and 4.5. To download the patch, perform the following procedure 1. Open the F5 Downloads page in a browser. 2. Navigate to the BIG-IP BIG-IP v4.x 4.5.x section. 3. Click CAN-2003-0078 and download the...
SOL4441 - BSD telnet vulnerabilities CAN-2005-0468 and CAN-2005-0469
Was this resource helpful in solving your issue? Yes - this resource was helpful No - this resource was not helpful I dont know yet NOTE: Please do not provide personal information. Incorrect answer. Please try again: Please enter the words to the right: Please enter the numbers you hear:...
SOL3369 - TCP reassembly queue vulnerability CAN-2004-0171
Was this resource helpful in solving your issue? Yes - this resource was helpful No - this resource was not helpful I dont know yet NOTE: Please do not provide personal information. Incorrect answer. Please try again: Please enter the words to the right: Please enter the numbers you hear:...