6414 matches found
K70321874: Oracle Java SE vulnerability CVE-2018-2795
Security Advisory Description Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Security. Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allo...
K000132697: Curl vulnerability CVE-2022-43551
Security Advisory Description A vulnerability exists in curl 7.87.0 HSTS check that could be bypassed to trick it to keep using HTTP. Using its HSTS support, curl can be instructed to use HTTPS instead of using an insecure clear-text HTTP step even when HTTP is provided in the URL. However, the...
K37236006: SQLite vulnerabilities CVE-2015-3414 and CVE-2015-3415
Security Advisory Description CVE-2015-3414 SQLite before 3.8.9 does not properly implement the dequoting of collation-sequence names, which allows context-dependent attackers to cause a denial of service uninitialized memory access and application crash or possibly have unspecified other impact...
K68647001: Authenticated F5 BIG-IP Guided Configuration in Appliance mode vulnerability CVE-2022-27806
Security Advisory Description When running in Appliance mode, an authenticated attacker assigned the Administrator role may be able to bypass Appliance mode restrictions, utilizing command injection vulnerabilities in undisclosed URIs in F5 BIG-IP Guided Configuration. CVE-2022-27806 Impact In...
K64765350: QEMU vulnerability CVE-2015-4037
Security Advisory Description The slirpsmb function in net/slirp.c in QEMU 2.3.0 and earlier creates temporary files with predictable names, which allows local users to cause a denial of service instantiation failure by creating /tmp/qemu-smb.- files before the program. CVE-2015-4037 Impact There...
K53192206: Python and Jython vulnerability CVE-2013-1752
Security Advisory Description REJECT Various versions of Python do not properly restrict readline calls, which allows remote attackers to cause a denial of service memory consumption via a long string, related to 1 httplib - fixed in 2.7.4, 2.6.9, and 3.3.3; 2 ftplib - fixed in 2.7.6, 2.6.9, 3.3....
K16449953: Linux parse_audio_mixer_unit kernel vulnerability CVE-2019-15117
Security Advisory Description parseaudiomixerunit in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles a short descriptor, leading to out-of-bounds memory access. CVE-2019-15117 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5...
K18829561: BIND vulnerability CVE-2016-2776
Security Advisory Description Testing by ISC has uncovered a critical error condition which can occur when a nameserver is constructing a response. A defect in the rendering of messages into packets can cause named to exit with an assertion failure in buffer.c while constructing a response to a...
K13591074: BIND vulnerability CVE-2020-8625
Security Advisory Description BIND servers are vulnerable if they are running an affected version and are configured to use GSS-TSIG features. In a configuration which uses BIND's default settings the vulnerable code path is not exposed, but a server can be rendered vulnerable by explicitly setti...
K22893952: Apache vulnerability CVE-2019-0190
Security Advisory Description A bug exists in the way modssl handled client renegotiations. A remote attacker could send a carefully crafted request that would cause modssl to enter a loop leading to a denial of service. This bug can be only triggered with Apache HTTP Server version 2.4.37 when...
K71103363: BIG-IP big3d vulnerability CVE-2022-29480
Security Advisory Description When multiple route domains are configured, undisclosed requests to big3d can cause an increase in CPU resource utilization. CVE-2022-29480 Impact This vulnerability allows a remote, unauthenticated attacker to cause a degradation of service that can lead to a...
K95010211: Samba vulnerability CVE-2019-14907
Security Advisory Description All samba versions 4.9.x before 4.9.18, 4.10.x before 4.10.12 and 4.11.x before 4.11.5 have an issue where if it is set with "log level = 3" or above then the string obtained from the client, after a failed character conversion, is printed. Such strings can be provid...
K32121038: BIG-IP mcpd vulnerability CVE-2020-5876
Security Advisory Description A race condition exists where mcpd and other processes may make unencrypted connection attempts to a new configuration sync peer. The race condition can occur when changing the ConfigSync IP address of a peer, adding a new peer, or when the Traffic Management...
K51303334: OpenSSL vulnerability CVE-2019-1543
Security Advisory Description ChaCha20-Poly1305 is an AEAD cipher, and requires a unique nonce input for every encryption operation. RFC 7539 specifies that the nonce value IV should be 96 bits 12 bytes. OpenSSL allows a variable nonce length and front pads the nonce with 0 bytes if it is less th...
K22494544: SNMP Incorrect Access Control vulnerability CVE-2017-5135
Security Advisory Description Certain Technicolor devices have an SNMP access-control bypass, possibly involving an ISP customization in some cases. The Technicolor formerly Cisco DPC3928SL with firmware D3928SL-P15-13-A386-c3420r55105-160127a could be reached by any SNMP community string from th...
K33567812: Kernel vulnerabilities CVE-2017-12192 and CVE-2017-15274
Security Advisory Description CVE-2017-12192 The keyctlreadkey function in security/keys/keyctl.c in the Key Management subcomponent in the Linux kernel before 4.13.5 does not properly consider that a key may be possessed but negatively instantiated, which allows local users to cause a denial of...
K15315: Java Open JDK vulnerability CVE-2014-0429
Security Advisory Description Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51. CVE-2014-0429 Impact None. No F5 products are affected by this vulnerability. Security Advisory Status To determine if your release is known...
K17454: OpenSSL vulnerabilities CVE-2005-2946, CVE-2008-0891, and CVE-2012-2131
Security Advisory Description CVE-2005-2946 The default configuration on OpenSSL before 0.9.8 uses MD5 for creating message digests instead of a more cryptographically strong algorithm, which makes it easier for remote attackers to forge certificates with a valid certificate authority signature...
K15318: OpenSSL vulnerability CVE-2011-3207
Security Advisory Description The OpenSSL crypto/x509/x509vfy.c library for 1.0.x before 1.0.0e does not initialize certain structure members, which makes it easier for remote attackers to bypass CRL validation by using a nextUpdate value corresponding to a time in the past. CVE-2011-3207 Impact...
K32743437: OpenSSL vulnerability CVE-2016-7056
Security Advisory Description A timing attack flaw was found in OpenSSL 1.0.1u and before that could allow a malicious user with local access to recover ECDSA P-256 private keys. CVE-2016-7056 Impact A malicious user with local access can recover Elliptic Curve Digital Signature Algorithm ECDSA...
K15532: XSS vulnerability in echo.jsp CVE-2014-4023
Security Advisory Description A cross-site scripting XSS vulnerability exists in tmui/dashboard/echo.jsp for the BIG-IP Configuration utility and the Enterprise Manager Configuration utility. Impact Some echo.jsp parameters may allow an attacker to bypass cross-site scripting XSS protection...
K51841514: QEMU vulnerability CVE-2015-6855
Security Advisory Description hw/ide/core.c in QEMU does not properly restrict the commands accepted by an ATAPI device, which allows guest users to cause a denial of service or possibly have unspecified other impact via certain IDE commands, as demonstrated by a WINREADNATIVEMAX command to an...
K72225092: Linux kernel vulnerability CVE-2015-8746
Security Advisory Description fs/nfs/nfs4proc.c in the NFS client in the Linux kernel before 4.2.2 does not properly initialize memory for migration recovery operations, which allows remote NFS servers to cause a denial of service NULL pointer dereference and panic via crafted network traffic...
K12903841: Linux kernel vulnerabilities CVE-2015-4170, CVE-2015-6526, and CVE-2015-7837
Security Advisory Description CVE-2015-4170 Race condition in the ldsemcmpxchg function in drivers/tty/ttyldsem.c in the Linux kernel before 3.13-rc4-next-20131218 allows local users to cause a denial of service ldsemdownread and ldsemdownwrite deadlock by establishing a new tty thread during...
K65342329: Java vulnerabilities CVE-2016-0494, CVE-2016-0448, and CVE-2016-0402
Security Advisory Description CVE-2016-0494 Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66 and Java SE Embedded 8u65 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D...
K30971148: Apache Tomcat 6.x vulnerability CVE-2015-5174
Security Advisory Description Directory traversal vulnerability in RequestUtil.java in Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.65, and 8.x before 8.0.27 allows remote authenticated users to bypass intended SecurityManager restrictions and list a parent directory via a /.. slash dot dot in...
K59503294: libjpeg vulnerability CVE-2013-6629
Security Advisory Description The getsos function in jdmarker.c in 1 libjpeg 6b and 2 libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48, Ghostscript, and other products, does not check for certain duplications of component data during the reading of segments that follow...
K23332326: Apache HTTPD vulnerability CVE-2010-2791
Security Advisory Description modproxy in httpd in Apache HTTP Server 2.2.9, when running on Unix, does not close the backend connection if a timeout occurs when reading a response from a persistent connection, which allows remote attackers to obtain a potentially sensitive response intended for ...
K000132268: BIND vulnerability CVE-2022-3924
Security Advisory Description This issue can affect BIND 9 resolvers with stale-answer-enable yes; that also make use of the option stale-answer-client-timeout, configured with a value greater than zero. If the resolver receives many queries that require recursion, there will be a corresponding...
K000132266: BIND vulnerability CVE-2022-3094
Security Advisory Description Sending a flood of dynamic DNS updates may cause named to allocate large amounts of memory. This, in turn, may cause named to exit due to a lack of free memory. We are not aware of any cases where this has been exploited. Memory is allocated prior to the checking of...
SOL64743453 - NAT64 vulnerability CVE-2016-5745
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL65460334 - Expat XML parser vulnerability CVE-2012-6702
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL75004031 - Python vulnerability CVE-2016-1000110
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL34146339 - OpenSSL vulnerability CVE-2000-1254
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL51079478 - Glibc vulnerability CVE-2015-8778
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL73189318 - Linux kernel vulnerability CVE-2015-7509
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL37510383 - Linux kernel SCTP vulnerability CVE-2015-5283
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL22234807 - Apache vulnerability CVE-2009-3094
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL91245485 - RSA-CRT key leak vulnerability CVE-2015-5738
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL16904 - OpenSSL ssleay_rand_byte(s) regression CVE-2015-3216
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL16355 - Multiple MySQL vulnerabilities
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL16319 - OpenSSL vulnerability CVE-2015-0288
Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version...
SOL15931 - Unbound vulnerability CVE-2014-8602
Recommended action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version...
SOL15902 - Apache vulnerability CVE-2010-1623
Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version...
SOL15746 - Linux kernel vulnerability CVE-2012-4542
Recommended action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the table does not list any version in the column, then no upgrade candidate currently exists. Supplemental...
SOL15725 - Multiple 5.5.x and 5.6.x MySQL vulnerabilities
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL15604 - Multiple rsync vulnerabilities
Recommended action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL167: Downloading software and firmware fro...
SOL15429 - Apache Tomcat vulnerability CVE-2014-0119
Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the table does not list any version in the column, or does not list a version that is higher than the version you...
SOL15405 - OpenSSL 0.9.8l vulnerability CVE-2009-4355
Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents. SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5 critical issue...
SOL9913 - Apache Tomcat vulnerability - CVE-2008-4308
Description The doRead method in Apache Tomcat 4.1.32 through 4.1.34 and 5.5.10 through 5.5.20 does not return a -1 to indicate when a certain error condition has occurred, which can cause Tomcat to send POST content from one request to a different request. Information about this advisory is...