Lucene search
+L

6414 matches found

f5
f5
•added 2023/02/21 6:47 p.m.•48 views

K70321874: Oracle Java SE vulnerability CVE-2018-2795

Security Advisory Description Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Security. Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allo...

5.3CVSS4.2AI score0.078EPSS
Exploits0
f5
f5
•added 2023/02/21 6:36 p.m.•48 views

K000132697: Curl vulnerability CVE-2022-43551

Security Advisory Description A vulnerability exists in curl 7.87.0 HSTS check that could be bypassed to trick it to keep using HTTP. Using its HSTS support, curl can be instructed to use HTTPS instead of using an insecure clear-text HTTP step even when HTTP is provided in the URL. However, the...

7.5CVSS6.5AI score0.1654EPSS
Exploits1
f5
f5
•added 2023/02/21 6:35 p.m.•48 views

K37236006: SQLite vulnerabilities CVE-2015-3414 and CVE-2015-3415

Security Advisory Description CVE-2015-3414 SQLite before 3.8.9 does not properly implement the dequoting of collation-sequence names, which allows context-dependent attackers to cause a denial of service uninitialized memory access and application crash or possibly have unspecified other impact...

7.5CVSS8AI score0.04852EPSS
Exploits0Affected Software2
f5
f5
•added 2023/02/21 6:35 p.m.•48 views

K68647001: Authenticated F5 BIG-IP Guided Configuration in Appliance mode vulnerability CVE-2022-27806

Security Advisory Description When running in Appliance mode, an authenticated attacker assigned the Administrator role may be able to bypass Appliance mode restrictions, utilizing command injection vulnerabilities in undisclosed URIs in F5 BIG-IP Guided Configuration. CVE-2022-27806 Impact In...

8.7CVSS7.3AI score0.01454EPSS
Exploits0Affected Software3
f5
f5
•added 2023/02/21 6:35 p.m.•48 views

K64765350: QEMU vulnerability CVE-2015-4037

Security Advisory Description The slirpsmb function in net/slirp.c in QEMU 2.3.0 and earlier creates temporary files with predictable names, which allows local users to cause a denial of service instantiation failure by creating /tmp/qemu-smb.- files before the program. CVE-2015-4037 Impact There...

1.9CVSS7.5AI score0.00372EPSS
Exploits0
f5
f5
•added 2023/02/21 6:35 p.m.•48 views

K53192206: Python and Jython vulnerability CVE-2013-1752

Security Advisory Description REJECT Various versions of Python do not properly restrict readline calls, which allows remote attackers to cause a denial of service memory consumption via a long string, related to 1 httplib - fixed in 2.7.4, 2.6.9, and 3.3.3; 2 ftplib - fixed in 2.7.6, 2.6.9, 3.3....

8.1AI score
Exploits1Affected Software15
f5
f5
•added 2023/02/21 6:35 p.m.•48 views

K16449953: Linux parse_audio_mixer_unit kernel vulnerability CVE-2019-15117

Security Advisory Description parseaudiomixerunit in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles a short descriptor, leading to out-of-bounds memory access. CVE-2019-15117 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5...

7.8CVSS7.3AI score0.00613EPSS
Exploits0
f5
f5
•added 2023/02/21 6:34 p.m.•48 views

K18829561: BIND vulnerability CVE-2016-2776

Security Advisory Description Testing by ISC has uncovered a critical error condition which can occur when a nameserver is constructing a response. A defect in the rendering of messages into packets can cause named to exit with an assertion failure in buffer.c while constructing a response to a...

7.8CVSS7.8AI score0.89482EPSS
Exploits7Affected Software23
f5
f5
•added 2023/02/21 6:34 p.m.•48 views

K13591074: BIND vulnerability CVE-2020-8625

Security Advisory Description BIND servers are vulnerable if they are running an affected version and are configured to use GSS-TSIG features. In a configuration which uses BIND's default settings the vulnerable code path is not exposed, but a server can be rendered vulnerable by explicitly setti...

8.1CVSS7.2AI score0.64161EPSS
Exploits0
f5
f5
•added 2023/02/21 6:34 p.m.•48 views

K22893952: Apache vulnerability CVE-2019-0190

Security Advisory Description A bug exists in the way modssl handled client renegotiations. A remote attacker could send a carefully crafted request that would cause modssl to enter a loop leading to a denial of service. This bug can be only triggered with Apache HTTP Server version 2.4.37 when...

7.5CVSS6.9AI score0.59942EPSS
Exploits0
f5
f5
•added 2023/02/21 6:33 p.m.•48 views

K71103363: BIG-IP big3d vulnerability CVE-2022-29480

Security Advisory Description When multiple route domains are configured, undisclosed requests to big3d can cause an increase in CPU resource utilization. CVE-2022-29480 Impact This vulnerability allows a remote, unauthenticated attacker to cause a degradation of service that can lead to a...

5.3CVSS5.4AI score0.00854EPSS
Exploits0Affected Software13
f5
f5
•added 2023/02/21 6:33 p.m.•48 views

K95010211: Samba vulnerability CVE-2019-14907

Security Advisory Description All samba versions 4.9.x before 4.9.18, 4.10.x before 4.10.12 and 4.11.x before 4.11.5 have an issue where if it is set with "log level = 3" or above then the string obtained from the client, after a failed character conversion, is printed. Such strings can be provid...

6.5CVSS6.5AI score0.03151EPSS
Exploits0
f5
f5
•added 2023/02/21 6:33 p.m.•48 views

K32121038: BIG-IP mcpd vulnerability CVE-2020-5876

Security Advisory Description A race condition exists where mcpd and other processes may make unencrypted connection attempts to a new configuration sync peer. The race condition can occur when changing the ConfigSync IP address of a peer, adding a new peer, or when the Traffic Management...

8.1CVSS7.9AI score0.00571EPSS
Exploits0Affected Software11
f5
f5
•added 2023/02/21 6:33 p.m.•48 views

K51303334: OpenSSL vulnerability CVE-2019-1543

Security Advisory Description ChaCha20-Poly1305 is an AEAD cipher, and requires a unique nonce input for every encryption operation. RFC 7539 specifies that the nonce value IV should be 96 bits 12 bytes. OpenSSL allows a variable nonce length and front pads the nonce with 0 bytes if it is less th...

7.4CVSS6.2AI score0.05701EPSS
Exploits0
f5
f5
•added 2023/02/21 6:33 p.m.•48 views

K22494544: SNMP Incorrect Access Control vulnerability CVE-2017-5135

Security Advisory Description Certain Technicolor devices have an SNMP access-control bypass, possibly involving an ISP customization in some cases. The Technicolor formerly Cisco DPC3928SL with firmware D3928SL-P15-13-A386-c3420r55105-160127a could be reached by any SNMP community string from th...

9.1CVSS9.2AI score0.17534EPSS
Exploits3
f5
f5
•added 2023/02/21 6:32 p.m.•48 views

K33567812: Kernel vulnerabilities CVE-2017-12192 and CVE-2017-15274

Security Advisory Description CVE-2017-12192 The keyctlreadkey function in security/keys/keyctl.c in the Key Management subcomponent in the Linux kernel before 4.13.5 does not properly consider that a key may be possessed but negatively instantiated, which allows local users to cause a denial of...

5.5CVSS6AI score0.00452EPSS
Exploits0Affected Software1
f5
f5
•added 2023/02/21 6:29 p.m.•48 views

K15315: Java Open JDK vulnerability CVE-2014-0429

Security Advisory Description Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51. CVE-2014-0429 Impact None. No F5 products are affected by this vulnerability. Security Advisory Status To determine if your release is known...

10CVSS7.4AI score0.07571EPSS
Exploits0
f5
f5
•added 2023/02/21 6:28 p.m.•48 views

K17454: OpenSSL vulnerabilities CVE-2005-2946, CVE-2008-0891, and CVE-2012-2131

Security Advisory Description CVE-2005-2946 The default configuration on OpenSSL before 0.9.8 uses MD5 for creating message digests instead of a more cryptographically strong algorithm, which makes it easier for remote attackers to forge certificates with a valid certificate authority signature...

7.5CVSS8.3AI score0.17001EPSS
Exploits1
f5
f5
•added 2023/02/21 6:27 p.m.•48 views

K15318: OpenSSL vulnerability CVE-2011-3207

Security Advisory Description The OpenSSL crypto/x509/x509vfy.c library for 1.0.x before 1.0.0e does not initialize certain structure members, which makes it easier for remote attackers to bypass CRL validation by using a nextUpdate value corresponding to a time in the past. CVE-2011-3207 Impact...

5CVSS7.8AI score0.05012EPSS
Exploits0
f5
f5
•added 2023/02/21 6:14 p.m.•48 views

K32743437: OpenSSL vulnerability CVE-2016-7056

Security Advisory Description A timing attack flaw was found in OpenSSL 1.0.1u and before that could allow a malicious user with local access to recover ECDSA P-256 private keys. CVE-2016-7056 Impact A malicious user with local access can recover Elliptic Curve Digital Signature Algorithm ECDSA...

5.5CVSS7AI score0.00594EPSS
Exploits0Affected Software22
f5
f5
•added 2023/02/21 6:13 p.m.•48 views

K15532: XSS vulnerability in echo.jsp CVE-2014-4023

Security Advisory Description A cross-site scripting XSS vulnerability exists in tmui/dashboard/echo.jsp for the BIG-IP Configuration utility and the Enterprise Manager Configuration utility. Impact Some echo.jsp parameters may allow an attacker to bypass cross-site scripting XSS protection...

5.5AI score
Exploits0Affected Software14
f5
f5
•added 2023/02/21 6:4 p.m.•48 views

K51841514: QEMU vulnerability CVE-2015-6855

Security Advisory Description hw/ide/core.c in QEMU does not properly restrict the commands accepted by an ATAPI device, which allows guest users to cause a denial of service or possibly have unspecified other impact via certain IDE commands, as demonstrated by a WINREADNATIVEMAX command to an...

7.5CVSS8.3AI score0.03502EPSS
Exploits0Affected Software4
f5
f5
•added 2023/02/21 5:39 p.m.•48 views

K72225092: Linux kernel vulnerability CVE-2015-8746

Security Advisory Description fs/nfs/nfs4proc.c in the NFS client in the Linux kernel before 4.2.2 does not properly initialize memory for migration recovery operations, which allows remote NFS servers to cause a denial of service NULL pointer dereference and panic via crafted network traffic...

7.5CVSS7.2AI score0.03103EPSS
Exploits0
f5
f5
•added 2023/02/21 5:38 p.m.•48 views

K12903841: Linux kernel vulnerabilities CVE-2015-4170, CVE-2015-6526, and CVE-2015-7837

Security Advisory Description CVE-2015-4170 Race condition in the ldsemcmpxchg function in drivers/tty/ttyldsem.c in the Linux kernel before 3.13-rc4-next-20131218 allows local users to cause a denial of service ldsemdownread and ldsemdownwrite deadlock by establishing a new tty thread during...

5.5CVSS5.1AI score0.00405EPSS
Exploits0
f5
f5
•added 2023/02/21 5:34 p.m.•48 views

K65342329: Java vulnerabilities CVE-2016-0494, CVE-2016-0448, and CVE-2016-0402

Security Advisory Description CVE-2016-0494 Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66 and Java SE Embedded 8u65 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D...

10CVSS6.5AI score0.07211EPSS
Exploits0
f5
f5
•added 2023/02/21 5:32 p.m.•48 views

K30971148: Apache Tomcat 6.x vulnerability CVE-2015-5174

Security Advisory Description Directory traversal vulnerability in RequestUtil.java in Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.65, and 8.x before 8.0.27 allows remote authenticated users to bypass intended SecurityManager restrictions and list a parent directory via a /.. slash dot dot in...

4.3CVSS6.5AI score0.12555EPSS
Exploits0Affected Software17
f5
f5
•added 2023/02/21 5:28 p.m.•48 views

K59503294: libjpeg vulnerability CVE-2013-6629

Security Advisory Description The getsos function in jdmarker.c in 1 libjpeg 6b and 2 libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48, Ghostscript, and other products, does not check for certain duplications of component data during the reading of segments that follow...

5CVSS7.1AI score0.10117EPSS
Exploits0Affected Software21
f5
f5
•added 2023/02/21 5:27 p.m.•48 views

K23332326: Apache HTTPD vulnerability CVE-2010-2791

Security Advisory Description modproxy in httpd in Apache HTTP Server 2.2.9, when running on Unix, does not close the backend connection if a timeout occurs when reading a response from a persistent connection, which allows remote attackers to obtain a potentially sensitive response intended for ...

5CVSS6.2AI score0.08284EPSS
Exploits1Affected Software9
f5
f5
•added 2023/01/27 1:26 a.m.•48 views

K000132268: BIND vulnerability CVE-2022-3924

Security Advisory Description This issue can affect BIND 9 resolvers with stale-answer-enable yes; that also make use of the option stale-answer-client-timeout, configured with a value greater than zero. If the resolver receives many queries that require recursion, there will be a corresponding...

7.5CVSS7.5AI score0.15989EPSS
Exploits0
f5
f5
•added 2023/01/26 9:2 p.m.•48 views

K000132266: BIND vulnerability CVE-2022-3094

Security Advisory Description Sending a flood of dynamic DNS updates may cause named to allocate large amounts of memory. This, in turn, may cause named to exit due to a lack of free memory. We are not aware of any cases where this has been exploited. Memory is allocated prior to the checking of...

7.5CVSS7.2AI score0.13108EPSS
Exploits0
f5
f5
•added 2016/09/28 12:0 a.m.•48 views

SOL64743453 - NAT64 vulnerability CVE-2016-5745

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

10CVSS2.3AI score0.04764EPSS
Exploits0References7
f5
f5
•added 2016/09/06 12:0 a.m.•48 views

SOL65460334 - Expat XML parser vulnerability CVE-2012-6702

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

5.9CVSS2.1AI score0.02371EPSS
Exploits0References8
f5
f5
•added 2016/07/26 12:0 a.m.•48 views

SOL75004031 - Python vulnerability CVE-2016-1000110

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...

6.1CVSS2.7AI score0.04689EPSS
Exploits0References4
f5
f5
•added 2016/05/23 12:0 a.m.•48 views

SOL34146339 - OpenSSL vulnerability CVE-2000-1254

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...

7.5CVSS2.7AI score0.03137EPSS
Exploits0References4
f5
f5
•added 2016/04/07 12:0 a.m.•48 views

SOL51079478 - Glibc vulnerability CVE-2015-8778

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

9.8CVSS3.5AI score0.05515EPSS
Exploits1References8
f5
f5
•added 2016/01/28 12:0 a.m.•48 views

SOL73189318 - Linux kernel vulnerability CVE-2015-7509

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

4.9CVSS0.3AI score0.00405EPSS
Exploits0References3
f5
f5
•added 2016/01/28 12:0 a.m.•48 views

SOL37510383 - Linux kernel SCTP vulnerability CVE-2015-5283

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

4.7CVSS0.4AI score0.00549EPSS
Exploits1References4
f5
f5
•added 2015/12/23 12:0 a.m.•48 views

SOL22234807 - Apache vulnerability CVE-2009-3094

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...

2.6CVSS2.5AI score0.08566EPSS
Exploits2References4
f5
f5
•added 2015/12/14 12:0 a.m.•48 views

SOL91245485 - RSA-CRT key leak vulnerability CVE-2015-5738

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

7.5CVSS1.8AI score0.02425EPSS
Exploits0References5
f5
f5
•added 2015/07/17 12:0 a.m.•48 views

SOL16904 - OpenSSL ssleay_rand_byte(s) regression CVE-2015-3216

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...

4.3CVSS2.8AI score0.04302EPSS
Exploits0References4
f5
f5
•added 2015/04/03 12:0 a.m.•48 views

SOL16355 - Multiple MySQL vulnerabilities

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

7.5CVSS3.3AI score0.10066EPSS
Exploits0References4
f5
f5
•added 2015/03/30 12:0 a.m.•48 views

SOL16319 - OpenSSL vulnerability CVE-2015-0288

Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version...

5CVSS0.6AI score0.08518EPSS
Exploits0References4
f5
f5
•added 2014/12/23 12:0 a.m.•48 views

SOL15931 - Unbound vulnerability CVE-2014-8602

Recommended action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version...

4.3CVSS0.2AI score0.25205EPSS
Exploits0References6
f5
f5
•added 2014/12/11 12:0 a.m.•48 views

SOL15902 - Apache vulnerability CVE-2010-1623

Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version...

5CVSS1.8AI score0.20167EPSS
Exploits0References7
f5
f5
•added 2014/10/27 12:0 a.m.•48 views

SOL15746 - Linux kernel vulnerability CVE-2012-4542

Recommended action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the table does not list any version in the column, then no upgrade candidate currently exists. Supplemental...

4.6CVSS2.1AI score0.00349EPSS
Exploits0References5
f5
f5
•added 2014/10/23 12:0 a.m.•48 views

SOL15725 - Multiple 5.5.x and 5.6.x MySQL vulnerabilities

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...

7.5CVSS2.4AI score0.14784EPSS
Exploits1References4
f5
f5
•added 2014/09/18 12:0 a.m.•48 views

SOL15604 - Multiple rsync vulnerabilities

Recommended action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL167: Downloading software and firmware fro...

10CVSS4.2AI score0.05442EPSS
Exploits1References4
f5
f5
•added 2014/07/17 12:0 a.m.•48 views

SOL15429 - Apache Tomcat vulnerability CVE-2014-0119

Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the table does not list any version in the column, or does not list a version that is higher than the version you...

4.3CVSS0.6AI score0.07616EPSS
Exploits0References4
f5
f5
•added 2014/07/10 12:0 a.m.•48 views

SOL15405 - OpenSSL 0.9.8l vulnerability CVE-2009-4355

Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents. SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5 critical issue...

5CVSS2.7AI score0.08941EPSS
Exploits2References4
f5
f5
•added 2009/04/05 12:0 a.m.•48 views

SOL9913 - Apache Tomcat vulnerability - CVE-2008-4308

Description The doRead method in Apache Tomcat 4.1.32 through 4.1.34 and 5.5.10 through 5.5.20 does not return a -1 to indicate when a certain error condition has occurred, which can cause Tomcat to send POST content from one request to a different request. Information about this advisory is...

2.6CVSS7.3AI score0.03914EPSS
Exploits2
Total number of security vulnerabilities5000