Lucene search
K

6357 matches found

F5 Networks
F5 Networks
•added 2023/02/21 6:34 p.m.•46 views

K33535454: Linux kernel vulnerability CVE-2019-19063

Security Advisory Description Two memory leaks in the rtlusbprobe function in drivers/net/wireless/realtek/rtlwifi/usb.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service memory consumption, aka CID-3f9361695113. CVE-2019-19063 Impact There is no impact; F5 products...

4.9CVSS6.1AI score0.00897EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:34 p.m.•46 views

K18004724: Linux kernel vulnerability CVE-2020-8835

Security Advisory Description In the Linux kernel 5.5.0 and newer, the bpf verifier kernel/bpf/verifier.c did not properly restrict the register bounds for 32-bit operations, leading to out-of-bounds reads and writes in kernel memory. The vulnerability also affects the Linux 5.4 stable series,...

7.8CVSS6.3AI score0.0606EPSS
Exploits9
F5 Networks
F5 Networks
•added 2023/02/21 6:34 p.m.•46 views

K44288218: Apache Tomcat vulnerability CVE-2012-5568

Security Advisory Description Apache Tomcat through 7.0.x allows remote attackers to cause a denial of service daemon outage via partial HTTP requests, as demonstrated by Slowloris. CVE-2012-5568 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Stat...

5CVSS5.3AI score0.09588EPSS
Exploits2
F5 Networks
F5 Networks
•added 2023/02/21 6:34 p.m.•46 views

K23153696: Apache HTTPD vulnerability CVE-2020-1927

Security Advisory Description In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with modrewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL. CVE-2020-1927 Impact An attacker can abuse...

6.1CVSS6.8AI score0.56691EPSS
Exploits0Affected Software16
F5 Networks
F5 Networks
•added 2023/02/21 6:34 p.m.•46 views

K51535953: Intel CPU vulnerability CVE-2019-0185

Security Advisory Description Insufficient access control in protected memory subsystem for SMM for 6th, 7th, 8th and 9th Generation IntelR CoreTM Processor families; IntelR XeonR Processor E3-1500 v5 and v6 families; IntelR XeonR E-2100 and E-2200 Processor families with IntelR Processor Graphic...

5.5CVSS5.7AI score0.00349EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:33 p.m.•46 views

K73540515: Linux kernel vulnerability CVE-2018-14633

Security Advisory Description A security flaw was found in the chapservercomputemd5 function in the ISCSI target code in the Linux kernel in a way an authentication request from an ISCSI initiator is processed. An unauthenticated remote attacker can cause a stack buffer overflow and smash up to 1...

8.3CVSS7.6AI score0.08743EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:33 p.m.•46 views

K27003374: Linux Kernel vulnerability CVE-2018-14734

Security Advisory Description drivers/infiniband/core/ucma.c in the Linux kernel through 4.17.11 allows ucmaleavemulticast to access a certain data structure after a cleanup step in ucmaprocessjoin, which allows attackers to cause a denial of service use-after-free. CVE-2018-14734 Impact There is...

7.8CVSS6.6AI score0.00566EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:33 p.m.•46 views

K24359631: Intel BIOS firmware vulnerability CVE-2022-21198

Security Advisory Description Time-of-check time-of-use race condition in the BIOS firmware for some IntelR Processors may allow a privileged user to potentially enable escalation of privilege via local access. CVE-2022-21198 Impact There is no impact; F5 products are not affected by this...

7.9CVSS6.5AI score0.00131EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:33 p.m.•46 views

K04734043: Java vulnerability CVE-2017-10198

Security Advisory Description Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Security. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Difficult to exploit vulnerability allows...

6.8CVSS7.1AI score0.02598EPSS
Exploits0Affected Software9
F5 Networks
F5 Networks
•added 2023/02/21 6:33 p.m.•46 views

K32121038: BIG-IP mcpd vulnerability CVE-2020-5876

Security Advisory Description A race condition exists where mcpd and other processes may make unencrypted connection attempts to a new configuration sync peer. The race condition can occur when changing the ConfigSync IP address of a peer, adding a new peer, or when the Traffic Management...

8.1CVSS7.9AI score0.00571EPSS
Exploits0Affected Software11
F5 Networks
F5 Networks
•added 2023/02/21 6:33 p.m.•46 views

K22494544: SNMP Incorrect Access Control vulnerability CVE-2017-5135

Security Advisory Description Certain Technicolor devices have an SNMP access-control bypass, possibly involving an ISP customization in some cases. The Technicolor formerly Cisco DPC3928SL with firmware D3928SL-P15-13-A386-c3420r55105-160127a could be reached by any SNMP community string from th...

9.1CVSS9.2AI score0.17397EPSS
Exploits3
F5 Networks
F5 Networks
•added 2023/02/21 6:32 p.m.•46 views

K15567: OpenSSL vulnerability CVE-2014-5139

Security Advisory Description The sslsetclientdisabled function in t1lib.c in OpenSSL 1.0.1 before 1.0.1i allows remote SSL servers to cause a denial of service NULL pointer dereference and client application crash via a ServerHello message that includes an SRP ciphersuite without the required...

4.3CVSS7AI score0.19997EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 6:27 p.m.•46 views

K15318: OpenSSL vulnerability CVE-2011-3207

Security Advisory Description The OpenSSL crypto/x509/x509vfy.c library for 1.0.x before 1.0.0e does not initialize certain structure members, which makes it easier for remote attackers to bypass CRL validation by using a nextUpdate value corresponding to a time in the past. CVE-2011-3207 Impact...

5CVSS7.8AI score0.05012EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:20 p.m.•46 views

K20804323: NTP vulnerability CVE-2016-2518

Security Advisory Description The MATCHASSOC function in NTP before version 4.2.8p9 and 4.3.x before 4.3.92 allows remote attackers to cause an out-of-bounds reference via an addpeer request with a large hmode value. CVE-2016-2518 Using a crafted packet to create a peer association with hmode 7...

5.3CVSS6.6AI score0.15081EPSS
Exploits0Affected Software24
F5 Networks
F5 Networks
•added 2023/02/21 6:14 p.m.•46 views

K32743437: OpenSSL vulnerability CVE-2016-7056

Security Advisory Description A timing attack flaw was found in OpenSSL 1.0.1u and before that could allow a malicious user with local access to recover ECDSA P-256 private keys. CVE-2016-7056 Impact A malicious user with local access can recover Elliptic Curve Digital Signature Algorithm ECDSA...

5.5CVSS7AI score0.00594EPSS
Exploits0Affected Software22
F5 Networks
F5 Networks
•added 2023/02/21 6:14 p.m.•46 views

K15158: OpenSSL vulnerability CVE-2013-6450

Security Advisory Description The DTLS retransmission implementation in OpenSSL 1.0.0 before 1.0.0l and 1.0.1 before 1.0.1f does not properly maintain data structures for digest and encryption contexts, which might allow man-in-the-middle attackers to trigger the use of a different context and...

5.8CVSS7.3AI score0.14542EPSS
Exploits1Affected Software10
F5 Networks
F5 Networks
•added 2023/02/21 6:3 p.m.•46 views

K10164113: Linux kernel vulnerability CVE-2015-8787

Security Advisory Description The nfnatredirectipv4 function in net/netfilter/nfnatredirect.c in the Linux kernel before 4.4 allows remote attackers to cause a denial of service NULL pointer dereference and system crash or possibly have unspecified other impact by sending certain IPv4 packets to ...

10CVSS7AI score0.09235EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 5:38 p.m.•46 views

K12903841: Linux kernel vulnerabilities CVE-2015-4170, CVE-2015-6526, and CVE-2015-7837

Security Advisory Description CVE-2015-4170 Race condition in the ldsemcmpxchg function in drivers/tty/ttyldsem.c in the Linux kernel before 3.13-rc4-next-20131218 allows local users to cause a denial of service ldsemdownread and ldsemdownwrite deadlock by establishing a new tty thread during...

5.5CVSS5.1AI score0.00405EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 5:29 p.m.•46 views

K93203055: Java vulnerability CVE-2015-4872

Security Advisory Description Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect integrity via unknown vectors related to Security. CVE-2015-4872 Impact A remote attacker may affect the integrity of the...

5CVSS5.7AI score0.03703EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 5:28 p.m.•46 views

K08039035: MySQL vulnerability CVE-2015-4910

Security Advisory Description Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Memcached. CVE-2015-4910 Impact This vulnerability may allow remote authenticated users to affect...

2.1CVSS6.4AI score0.01983EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 4:17 p.m.•46 views

K5004: Security Advisory: zlib buffer overflow - CAN-2005-2096

Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...

7.5CVSS8.8AI score0.05476EPSS
Exploits3
F5 Networks
F5 Networks
•added 2023/02/16 7:21 p.m.•46 views

K000132638: SnakeYAML vulnerability CVE-2022-1471

Security Advisory Description SnakeYaml's Constructor class does not restrict types which can be instantiated during deserialization. Deserializing yaml content provided by an attacker can lead to remote code execution. We recommend using SnakeYaml's SafeConsturctor when parsing untrusted content...

9.8CVSS8.2AI score0.99615EPSS
Exploits7
F5 Networks
F5 Networks
•added 2022/12/30 11:30 p.m.•46 views

K30183369: Linux kernel vulnerabilities CVE-2019-15217 and CVE-2019-15221

Security Advisory Description CVE-2019-15217 An issue was discovered in the Linux kernel before 5.2.3. There is a NULL pointer dereference caused by a malicious USB device in the drivers/media/usb/zr364xx/zr364xx.c driver. CVE-2019-15221 An issue was discovered in the Linux kernel before 5.1.17...

4.9CVSS6.1AI score0.00712EPSS
Exploits2
F5 Networks
F5 Networks
•added 2022/12/28 7:7 a.m.•46 views

K04043655: Linux kernel vulnerability CVE-2019-14816

Security Advisory Description There is heap-based buffer overflow in kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of servicesystem crash or possibly execute arbitrary code. CVE-2019-14816 Impact There is no...

7.8CVSS7.1AI score0.00909EPSS
Exploits1
F5 Networks
F5 Networks
•added 2016/10/21 12:0 a.m.•46 views

SOL25499204 - Samba vulnerability CVE-2015-8467

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...

7.5CVSS2.9AI score0.11526EPSS
Exploits0References4
F5 Networks
F5 Networks
•added 2016/08/03 12:0 a.m.•46 views

SOL91084571 - PHP vulnerability CVE-2015-8873

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

7.5CVSS1.6AI score0.03881EPSS
Exploits1References9
F5 Networks
F5 Networks
•added 2016/07/26 12:0 a.m.•46 views

SOL51663510 - Apache Tomcat vulnerability CVE-2016-5388

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...

8.1CVSS2.4AI score0.50896EPSS
Exploits0References4
F5 Networks
F5 Networks
•added 2016/05/06 12:0 a.m.•46 views

SOL47145213 - OpenSSL vulnerability CVE-2016-2176

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

8.2CVSS0.7AI score0.22841EPSS
Exploits1References3
F5 Networks
F5 Networks
•added 2016/01/28 12:0 a.m.•46 views

SOL72225092 - Linux kernel vulnerability CVE-2015-8746

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...

7.5CVSS2.5AI score0.03044EPSS
Exploits0References4
F5 Networks
F5 Networks
•added 2016/01/07 12:0 a.m.•46 views

SOL22843911 - F5 Path MTU Discovery vulnerability CVE-2015-7759

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

4.3CVSS1.1AI score0.01516EPSS
Exploits0References8
F5 Networks
F5 Networks
•added 2016/01/05 12:0 a.m.•46 views

SOL13405416 - QEMU vulnerability CVE-2012-3515

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

7.2CVSS2.2AI score0.00528EPSS
Exploits0References5
F5 Networks
F5 Networks
•added 2015/11/02 12:0 a.m.•46 views

SOL17521 - NTP vulnerability CVE-2015-7849

If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are currently running, or does not lis...

8.8CVSS0.2AI score0.16848EPSS
Exploits0References4
F5 Networks
F5 Networks
•added 2015/09/09 12:0 a.m.•46 views

SOL17251 - Apache vulnerability CVE-2015-3183

Vulnerability Recommended Actions If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not...

5CVSS0.9AI score0.73327EPSS
Exploits0References7
F5 Networks
F5 Networks
•added 2015/09/08 12:0 a.m.•46 views

SOL17239 - Linux kernel vulnerability CVE-2014-9529

Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can...

6.9CVSS0.8AI score0.00339EPSS
Exploits0References4
F5 Networks
F5 Networks
•added 2015/07/10 12:0 a.m.•46 views

SOL16949 - Expat vulnerabilities CVE-2012-0876 and CVE-2012-1148

Important: Certain product versions contain the affected code; however, those product versions do not parse untrusted XML input, and are, therefore, not exploitable. Vulnerability Recommended Actions If the previous table lists a version in the Versions known to be not vulnerable column, you can...

5CVSS1.2AI score0.05724EPSS
Exploits0References4
F5 Networks
F5 Networks
•added 2015/07/08 12:0 a.m.•46 views

SOL16937 - OpenSSL vulnerability CVE-2015-1793

Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. F5 responds to vulnerabilities in accordance with the Severity values published in the previous table. The Severity value...

6.5CVSS1.3AI score0.61798EPSS
Exploits6References3
F5 Networks
F5 Networks
•added 2015/04/21 12:0 a.m.•46 views

SOL16476 - NET-SNMP vulnerability CVE-2012-6151

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

4.3CVSS2.5AI score0.09451EPSS
Exploits1References10
F5 Networks
F5 Networks
•added 2015/04/15 12:0 a.m.•46 views

SOL16441 - MIT Kerberos 5 vulnerability CVE-2014-9423

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy...

5CVSS3.4AI score0.0389EPSS
Exploits0References3
F5 Networks
F5 Networks
•added 2015/04/03 12:0 a.m.•46 views

SOL16355 - Multiple MySQL vulnerabilities

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

7.5CVSS3.3AI score0.10066EPSS
Exploits0References4
F5 Networks
F5 Networks
•added 2015/03/30 12:0 a.m.•46 views

SOL16319 - OpenSSL vulnerability CVE-2015-0288

Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version...

5CVSS0.6AI score0.08518EPSS
Exploits0References4
F5 Networks
F5 Networks
•added 2015/01/08 12:0 a.m.•46 views

SOL15967 - glibc and eglibc vulnerability CVE-2011-2702

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...

6.8CVSS2.7AI score0.08458EPSS
Exploits6References4
F5 Networks
F5 Networks
•added 2014/12/23 12:0 a.m.•46 views

SOL15931 - Unbound vulnerability CVE-2014-8602

Recommended action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version...

4.3CVSS0.2AI score0.25205EPSS
Exploits0References6
F5 Networks
F5 Networks
•added 2014/12/11 12:0 a.m.•46 views

SOL15902 - Apache vulnerability CVE-2010-1623

Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version...

5CVSS1.8AI score0.20167EPSS
Exploits0References7
F5 Networks
F5 Networks
•added 2014/12/04 12:0 a.m.•46 views

SOL15872 - libxml2 vulnerability CVE-2014-3660

parser.c in libxml2 before 2.9.2 does not properly prevent entity expansion even when entity substitution has been disabled, which allows context-dependent attackers to cause a denial of service CPU consumption via a crafted XML document containing a large number of nested entity references, a...

5CVSS5.9AI score0.03988EPSS
Exploits1References5
F5 Networks
F5 Networks
•added 2014/12/01 12:0 a.m.•46 views

SOL15879 - SOAP parser vulnerability CVE-2013-1824

Certain product versions contain the affected code; however, those product versions do not parse untrusted XML input, and are therefore not exploitable. Vulnerability Recommended Actions If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate thi...

4.3CVSS1.7AI score0.04314EPSS
Exploits1References5
F5 Networks
F5 Networks
•added 2014/11/27 12:0 a.m.•46 views

SOL15881 - Libpng vulnerability CVE-2011-3048

The noted versions contain vulnerable code, but do not parse PNG images by default, and are therefore not vulnerable. Recommended action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version...

6.8CVSS1.9AI score0.06593EPSS
Exploits0References5
F5 Networks
F5 Networks
•added 2014/11/25 12:0 a.m.•46 views

SOL15862 - Multiple cURL and libcurl vulnerabilities CVE-2014-0015, CVE-2014-0138, and CVE-2014-0139

Recommended Action BIG-IP, BIG-IQ, and Enterprise Manager If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the table does not list any version in the column, then no upgrade candida...

6.4CVSS1.3AI score0.05599EPSS
Exploits1References4
F5 Networks
F5 Networks
•added 2014/09/29 12:0 a.m.•46 views

SOL15635 - PHP 5.x vulnerability - CVE-2012-1171

Recommended action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the table does not list any version in the column, then no upgrade candidate currently exists. Supplemental...

5CVSS1.4AI score0.02812EPSS
Exploits1References4
F5 Networks
F5 Networks
•added 2014/06/05 12:0 a.m.•46 views

SOL15322 - PHP vulnerability CVE-2014-0185

Recommended action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents. SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5 critical issue...

7.2CVSS2.6AI score0.00505EPSS
Exploits1References4
F5 Networks
F5 Networks
•added 2014/04/10 12:0 a.m.•46 views

SOL15156 - OpenSSH vulnerability CVE-2009-2904

Recommended action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custo...

6.9CVSS2.9AI score0.00318EPSS
Exploits0References5
Total number of security vulnerabilities5000