6364 matches found
SOL15931 - Unbound vulnerability CVE-2014-8602
Recommended action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version...
SOL15875 - cURL vulnerability CVE-2013-1944
Recommended action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the table does not list any version in the column, then no upgrade candidate currently exists. To mitigate this...
SOL15725 - Multiple 5.5.x and 5.6.x MySQL vulnerabilities
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL15637 - GnuTLS vulnerability CVE-2013-2116
Recommended action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5 critical issue...
SOL15604 - Multiple rsync vulnerabilities
Recommended action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL167: Downloading software and firmware fro...
SOL15423 - GNU Libtasn1 vulnerabilities CVE-2014-3467 and CVE-2014-3468
Vulnerability Recommended Actions ARX If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the table does not list any version in the column, then no upgrade candidate currently exist...
SOL15405 - OpenSSL 0.9.8l vulnerability CVE-2009-4355
Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents. SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5 critical issue...
SOL14386 - BIND vulnerability CVE-2013-2266
Vulnerability Recommended Actions To eliminate this vulnerability, upgrade to a version that is listed in the Versions known to be not vulnerable column in the table. Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to...
SOL12650 - PHP vulnerability CVE-2010-4645
The strtod.c function may allow context-dependent attackers to cause a denial-of-service via a certain floating-point value in scientific notation, which is not properly handled in x87 FPU registers. Information about this advisory is available at the following location: Note: The previous link...
SOL9913 - Apache Tomcat vulnerability - CVE-2008-4308
Description The doRead method in Apache Tomcat 4.1.32 through 4.1.34 and 5.5.10 through 5.5.20 does not return a -1 to indicate when a certain error condition has occurred, which can cause Tomcat to send POST content from one request to a different request. Information about this advisory is...
SOL8920 - Linux kernel vulnerability CVE-2007-2876
A flaw in the connection tracking support for SCTP allows a remote user to cause a denial of service by dereferencing a NULL pointer. Information about this advisory is available at the following location: Note: This link takes you to a resource outside of AskF5, and it is possible that the...
SOL8921 - Linux kernel vulnerability CVE-2007-3740
A flaw in the CIFS filesystem could cause the umask values of a process to not be honored. Information about this advisory is available at the following location:...
SOL6795 - ClamAV CHM Chunk Name Length DoS Vulnerability - CVE-2006-5295
The FirePass controller can be configured to provide anti-virus scanning of files uploaded through Portal Access using the ClamAV open source software. A vulnerability in ClamAV 0.88.4 and earlier versions could allow a remote attacker to crash the scanner process using a specially crafted...
SOL4441 - BSD telnet vulnerabilities CAN-2005-0468 and CAN-2005-0469
Was this resource helpful in solving your issue? Yes - this resource was helpful No - this resource was not helpful I don‘t know yet NOTE: Please do not provide personal information. Incorrect answer. Please try again: Please enter the words to the right: Please enter the numbers you hear:...
K000151008: Quarterly Security Notification (May 2025)
Security Advisory Description On May 7, 2025, F5 announced the following security issues. This document is intended to serve as an overview of these vulnerabilities to help determine the impact to your F5 devices. You can find the details of each issue in the associated articles. You can watch th...
K000148278: Spring framework CVE-2024-38820 vulnerability
Security Advisory Description The fix for CVE-2022-22968 made disallowedFields patterns in DataBinder case insensitive. However, String.toLowerCase has some Locale dependent exceptions that could potentially result in fields not protected as expected. CVE-2024-38820 Impact There is no impact; F5...
K000138833: BIG-IP TMM vulnerability CVE-2024-41727
Security Advisory Description In BIG-IP tenants running on r2000 and r4000 series hardware, or BIG-IP Virtual Edition VEs using Intel E810 SR-IOV NIC, undisclosed traffic can cause an increase in memory resource utilization. CVE-2024-41727 Impact System performance can degrade until the Traffic...
K000140257: OpenSSL vulnerability CVE-2024-4741
Security Advisory Description Issue summary: Calling the OpenSSL API function SSLfreebuffers may cause memory to be accessed that was previously freed in some situations Impact summary: A use after free can have a range of potential consequences such as the corruption of valid data, crashes or...
K000139012: BIG-IP Next Central Manager vulnerability CVE-2024-33612
Security Advisory Description An improper certificate validation vulnerability exists in BIG-IP Next Central Manager and may allow an attacker to impersonate an Instance Provider system. A successful exploit of this vulnerability can allow the attacker to cross a security boundary. CVE-2024-33612...
K000139429: Oracle GraalVM Vulnerability CVE-2024-20954 and CVE-2024-21098
Security Advisory Description CVE-2024-20954 Vulnerability in the Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Compiler. Supported versions that are affected are Oracle GraalVM for JDK: 17.0.10, 21.0.2, 22; Oracle GraalVM Enterprise Edition: 20.3....
K000138953: Python vulnerability CVE-2023-41105
Security Advisory Description An issue was discovered in Python 3.11 through 3.11.4. If a path containing '\0' bytes is passed to os.path.normpath, the path will be truncated unexpectedly at the first '\0' byte. There are plausible cases in which an application would have rejected a filename for...
K000138695: OpenSSL vulnerability CVE-2024-0727
Security Advisory Description Issue summary: Processing a maliciously formatted PKCS12 file may lead OpenSSL to crash leading to a potential Denial of Service attack Impact summary: Applications loading files in the PKCS12 format from untrusted sources might terminate abruptly. A file in PKCS12...
K000137796: BIG-IP SSL profile security exposure
Security Advisory Description The BIG-IP system may not honor the revocation status of a certificate present in the certificate revocation list CRL file, potentially allowing unauthorized connections. This issue occurs when all of the following conditions are met: A ClientSSL or ServerSSL profile...
K000138600: Python vulnerability CVE-2023-43804
Security Advisory Description urllib3 is a user-friendly HTTP client library for Python. urllib3 doesn't treat the Cookie HTTP header special or provide any helpers for managing cookies over HTTP, that is the responsibility of the user. However, it is possible for a user to specify a Cookie heade...
K000137330: Node.JS vulnerabilities CVE-2023-38552, CVE-2023-39331, CVE-2023-39332, and CVE-2023-3933
Security Advisory Description CVE-2023-38552 When the Node.js policy feature checks the integrity of a resource against a trusted manifest, the application can intercept the operation and return a forged checksum to the node's policy implementation, thus effectively disabling the integrity check...
K000137093: Node.js vulnerabilities CVE-2018-7167, CVE-2018-12115, and CVE-2018-12116
Security Advisory Description CVE-2018-7167 Calling Buffer.fill or Buffer.alloc with some parameters can lead to a hang which could result in a Denial of Service. In order to address this vulnerability, the implementations of Buffer.alloc and Buffer.fill were updated so that they zero fill instea...
K000137054: libwebp vulnerabilities CVE-2023-4863 and CVE-2023-5129
Security Advisory Description CVE-2023-4863 Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: Critical CVE-2023-5129 REJECTED This CVE I...
K000135122: Linux kernel vulnerability CVE-2023-0461
Security Advisory Description There is a use-after-free vulnerability in the Linux Kernel which can be exploited to achieve local privilege escalation. To reach the vulnerability kernel configuration flag CONFIGTLS or CONFIGXFRMESPINTCP has to be configured, but the operation does not require any...
K75532331: iRulesLX debug NodeJS vulnerability CVE-2019-6644
Security Advisory Description Similar to the issue identified in CVE-2018-12120, the BIG-IP system will bind a debug nodejs process to all interfaces when invoked. This may expose the process to unauthorized users if the plugin is left in debug mode and the port is accessible. CVE-2019-6644 Impac...
K93960557: Linux kernel vulnerability CVE-2018-5953
Security Advisory Description The swiotlbprintinfo function in lib/swiotlb.c in the Linux kernel through 4.14.14 allows local users to obtain sensitive address information by reading dmesg data from a "software IO TLB" printk call. CVE-2018-5953 Impact There is no impact; F5 products are not...
K75910138: Python vulnerabilities CVE-2011-1521, CVE-2011-4940, CVE-2011-4944, CVE-2012-0845, and CVE-2012-1150
Security Advisory Description CVE-2011-1521 The urllib and urllib2 modules in Python 2.x before 2.7.2 and 3.x before 3.2.1 process Location headers that specify redirection to file: URLs, which makes it easier for remote attackers to obtain sensitive information or cause a denial of service...
K15262: Apache Struts vulnerability CVE-2014-0113
Security Advisory Description CookieInterceptor in Apache Struts before 2.3.16.2, when a wildcard cookiesName value is used, does not properly restrict access to the getClass method, which allows remote attackers to "manipulate" the ClassLoader and execute arbitrary code via a crafted request...
K17126: Apache Struts vulnerability CVE-2014-7809
Security Advisory Description Apache Struts 2.0.0 through 2.3.x before 2.3.20 uses predictable values, which allows remote attackers to bypass the CSRF protection mechanism. CVE-2014-7809 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5...
K14631834: NGINX Controller vulnerability CVE-2020-5863
Security Advisory Description In NGINX Controller versions prior to 3.2.0, an unauthenticated attacker with network access to the Controller API can create unprivileged user accounts. The user which is created is only able to upload a new license to the system but cannot view or modify any other...
K05032915: GNU Binutils vulnerability CVE-2019-1010204
Security Advisory Description GNU binutils gold gold v1.11-v1.16 GNU binutils v2.21-v2.31.1 is affected by: Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read. The impact is: Denial of service. The component is: gold/fileread.cc:497, elfcpp/elfcppfile.h:644. The attack vect...
K26310765: HTTP/2 profile vulnerability CVE-2022-23012
Security Advisory Description When the HTTP/2 profile is configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel TMM to terminate. CVE-2022-23012 Impact Traffic is disrupted while the TMM process restarts. This vulnerability allows a remote unauthenticate...
K43798238: OpenSSL vulnerability CVE-2019-1551
Security Advisory Description There is an overflow bug in the x6464 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a result of this defect would be ver...
K88511840: QEMU vulnerability CVE-2015-8345
Security Advisory Description The eepro100 emulator in QEMU qemu-kvm blank allows local guest users to cause a denial of service application crash and infinite loop via vectors involving the command block list. CVE-2015-8345 Impact There is no impact; F5 products are not affected by this...
K82224417: Linux kernel vulnerability CVE-2017-7308
Security Advisory Description The packetsetring function in net/packet/afpacket.c in the Linux kernel through 4.10.6 does not properly validate certain block-size data, which allows local users to cause a denial of service overflow or possibly have unspecified other impact via crafted system call...
K9109: Apache Tomcat cross-site scripting vulnerability CVE-2008-1947
Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...
K15260: Apache Struts vulnerability CVE-2014-0094
Security Advisory Description The ParametersInterceptor in Apache Struts before 2.3.16.1 allows remote attackers to "manipulate" the ClassLoader via the class parameter, which is passed to the getClass method. CVE-2014-0094 Impact None. F5 products do not use the affected Apache Struts version...
K14739: OpenSSH vulnerability CVE-2008-3234
Security Advisory Description sshd in OpenSSH 4 on Debian GNU/Linux, and the 20070303 OpenSSH snapshot, allows remote authenticated users to obtain access to arbitrary SELinux roles by appending a :/ colon slash sequence, followed by the role name, to the username. CVE-2008-3234 Impact None. No F...
K61570943: Multiple libXML2 vulnerabilities
Security Advisory Description CVE-2015-5312 The xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.3 does not properly prevent entity expansion, which allows context-dependent attackers to cause a denial of service CPU consumption via crafted XML data, a different vulnerability...
K8578: Security Advisory: BIND buffer overflow in inet_network CVE-2008-0122
Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...
K65271605: NTP vulnerability CVE-2016-1549
Security Advisory Description A malicious authenticated peer can create arbitrarily-many ephemeral associations in order to win the clock selection algorithm in ntpd in NTP 4.2.8p4 and earlier and NTPsec 3e160db8dc248a0bcb053b56a80167dc742d2b74 and a5fb34b9cc89b92a8fef2f459004865c93bb7f92 and...
K15341: BIG-IP ASM Virtual Edition may run out of memory under certain DoS conditions
Security Advisory Description The BIG-IP ASM system limits the maximum number of concurrent requests with large payloads 10,000 bytes or larger by default to 100, using the maxconcurrentlongrequest internal parameter. The BIG-IP ASM system drops new requests with large payloads once this limit is...
K71581599: libgd vulnerability CVE-2016-6161
Security Advisory Description The output function in gdgifout.c in the GD Graphics Library aka libgd allows remote attackers to cause a denial of service out-of-bounds read via a crafted image. CVE-2016-6161 Impact When using PHP to generate GIF images, it is possible for a specially crafted GD2...
K51494034: Intel NUC BIOS firmware vulnerability CVE-2021-33164
Security Advisory Description Improper access control in BIOS firmware for some IntelR NUCs before version INWHL357.0046 may allow a privileged user to potentially enable escalation of privilege via local access. CVE-2021-33164 Impact There is no impact; F5 products are not affected by this...
K49921213: glibc vulnerability CVE-2020-1752
Security Advisory Description A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker could exploit thi...
K51444934: NTP vulnerability CVE-2016-7426
Security Advisory Description NTP before 4.2.8p9 rate limits responses received from the configured sources when rate limiting for all associations is enabled, which allows remote attackers to cause a denial of service prevent responses from the sources by sending responses with a spoofed source...