Lucene search
K

6413 matches found

F5 Networks
F5 Networks
•added 2016/10/21 12:0 a.m.•46 views

SOL25499204 - Samba vulnerability CVE-2015-8467

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...

7.5CVSS2.9AI score0.11526EPSS
Exploits0References4
F5 Networks
F5 Networks
•added 2016/09/27 12:0 a.m.•46 views

SOL39508724 - TMM SSL/TLS virtual server vulnerability CVE-2016-6907

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

6.3AI score
Exploits0References8Affected Software14
F5 Networks
F5 Networks
•added 2016/08/29 12:0 a.m.•46 views

SOL06045217 - TMM vulnerability CVE-2016-5022

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

9.8CVSS2.4AI score0.03457EPSS
Exploits0References6
F5 Networks
F5 Networks
•added 2016/05/13 12:0 a.m.•46 views

SOL61974123 - ImageMagick vulnerability CVE-2016-3718

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

10CVSS1.1AI score0.97485EPSS
Exploits13References9
F5 Networks
F5 Networks
•added 2016/05/11 12:0 a.m.•46 views

SOL66504414 - Foomatic vulnerability CVE-2010-5325

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...

9.8CVSS2.5AI score0.05483EPSS
Exploits0References4
F5 Networks
F5 Networks
•added 2016/05/04 12:0 a.m.•46 views

SOL71059632 - PHP vulnerability CVE-2015-8616

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...

8.6CVSS2.5AI score0.02173EPSS
Exploits1References4
F5 Networks
F5 Networks
•added 2016/04/01 12:0 a.m.•46 views

SOL23946311 - glibc vulnerability CVE-2015-8776

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

9.1CVSS3.3AI score0.04613EPSS
Exploits0References10
F5 Networks
F5 Networks
•added 2016/02/18 12:0 a.m.•46 views

SOL50413110 - GnuPG vulnerability CVE-2013-4351

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

5.8CVSS1AI score0.02518EPSS
Exploits0References8
F5 Networks
F5 Networks
•added 2016/01/07 12:0 a.m.•46 views

SOL22843911 - F5 Path MTU Discovery vulnerability CVE-2015-7759

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

4.3CVSS1.1AI score0.01516EPSS
Exploits0References8
F5 Networks
F5 Networks
•added 2015/12/23 12:0 a.m.•46 views

SOL40284849 - Apache vulnerability CVE-2010-0434

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

4.3CVSS0.9AI score0.18443EPSS
Exploits2References3
F5 Networks
F5 Networks
•added 2015/12/09 12:0 a.m.•46 views

SOL31372672 - Mozilla NSS vulnerabilities CVE-2015-7181, CVE-2015-7182, and CVE-2015-7183

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

9.8CVSS0.4AI score0.10238EPSS
Exploits0References4
F5 Networks
F5 Networks
•added 2015/12/02 12:0 a.m.•46 views

SOL05770600 - Linux libuser vulnerability CVE-2015-3246

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

7.2CVSS1.1AI score0.06797EPSS
Exploits10References4
F5 Networks
F5 Networks
•added 2015/09/29 12:0 a.m.•46 views

SOL17335 - GnuTLS vulnerability CVE-2015-6251

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

5CVSS1.4AI score0.1903EPSS
Exploits0References4
F5 Networks
F5 Networks
•added 2015/06/15 12:0 a.m.•46 views

SOL16743 - MIT Kerberos 5 vulnerability CVE-2014-5355

Vulnerability Recommended Actions If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not...

5CVSS1.8AI score0.04587EPSS
Exploits0References4
F5 Networks
F5 Networks
•added 2015/04/21 12:0 a.m.•46 views

SOL16480 - Multiple unzip vulnerabilities CVE-2014-8139, CVE-2014-8140, and CVE-2014-8141

Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can...

7.8CVSS0.7AI score0.07448EPSS
Exploits0References3
F5 Networks
F5 Networks
•added 2015/04/15 12:0 a.m.•46 views

SOL16444 - Apache vulnerability CVE-2015-0899

Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can...

7.5CVSS1.1AI score0.21261EPSS
Exploits0References4
F5 Networks
F5 Networks
•added 2015/04/09 12:0 a.m.•46 views

SOL16385 - Multiple MySQL vulnerabilities

Vulnerability Recommended Actions If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not...

6.8CVSS2AI score0.03786EPSS
Exploits0References7
F5 Networks
F5 Networks
•added 2015/04/03 12:0 a.m.•46 views

SOL16355 - Multiple MySQL vulnerabilities

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

7.5CVSS3.3AI score0.10066EPSS
Exploits0References4
F5 Networks
F5 Networks
•added 2014/09/05 12:0 a.m.•46 views

SOL15566 - Kerberos vulnerability CVE-2014-4345

Vulnerability Recommended Actions If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the table does not list any version in the column, then no upgrade candidate currently exists...

8.5CVSS2AI score0.08085EPSS
Exploits0References4
F5 Networks
F5 Networks
•added 2014/06/25 12:0 a.m.•46 views

SOL15366 - OpenSSL DTLS vulnerability CVE-2009-1377

Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents. SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5 critical issue...

5CVSS2.6AI score0.11274EPSS
Exploits1References4
F5 Networks
F5 Networks
•added 2014/06/02 12:0 a.m.•46 views

SOL15305 - OpenSSL vulnerability CVE-2004-0975

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...

2.1CVSS2.7AI score0.00415EPSS
Exploits0References4
F5 Networks
F5 Networks
•added 2014/04/14 12:0 a.m.•46 views

SOL15169 - PHP vulnerability CVE-2013-4113

Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the table does not list any version in the column, then no upgrade candidate currently exists. To mitigate this...

6.8CVSS1.4AI score0.05186EPSS
Exploits0References7
F5 Networks
F5 Networks
•added 2014/01/14 12:0 a.m.•46 views

SOL14907 - MySQL Server vulnerability CVE-2012-3163

Recommended action To eliminate this vulnerability, upgrade to a version that is listed in the Versions known to be not vulnerable column in the previous table. To mitigate this vulnerability on Enterprise Manager, you should not enable remote access to the statistics database. Remote access to t...

9CVSS1AI score0.05096EPSS
Exploits0References8
F5 Networks
F5 Networks
•added 2013/02/21 12:0 a.m.•46 views

SOL14236 - OpenSSL vulnerability CVE-2012-2686

Recommended action None Supplemental Information Common Vulnerabilities and Exposures CVE-2012-2686 Note: This link takes you to a resource outside of AskF5, and it is possible that the documents may be removed without our knowledge. SOL9970: Subscribing to email notifications regarding F5 produc...

5CVSS7.4AI score0.39593EPSS
Exploits2References5
F5 Networks
F5 Networks
•added 2009/10/27 12:0 a.m.•46 views

SOL10674 - Netscape reuse cipher change bug - Qualsys QID 38284

A Qualsys security audit may report that the BIG-IP management IP address is vulnerable to a NETSCAPE REUSE CIPHER CHANGE BUG. The security audit may produce a report that appears similar to the following example: QID: 38284 CVSS Base: 5 1 Category: General remote services CVSS Temporal: 4.7 CVE...

6.7AI score
Exploits0Affected Software9
F5 Networks
F5 Networks
•added 2009/04/05 12:0 a.m.•46 views

SOL9889 - NTP vulnerability CVE-2009-0021

Description NTP may not properly check the return value from the OpenSSL EVPVerifyFinal function, which may allow a remote attacker to bypass validation of the certificate chain by way of a malformed SSL/TLS signature for DSA and ECDSA keys. Note: This is a similar vulnerability to CVE-2008-5077...

5.8CVSS7.2AI score0.05146EPSS
Exploits1
F5 Networks
F5 Networks
•added 2008/06/30 12:0 a.m.•46 views

SOL8924 - Linux kernel vulnerability CVE-2007-3843

A flaw in the CIFS handling of the mount option sec= that did not enable integrity checking and did not produce any error message. Information about this advisory is available at the following location:...

4.3CVSS5.8AI score0.02624EPSS
Exploits0
F5 Networks
F5 Networks
•added 2008/06/30 12:0 a.m.•46 views

SOL8917 - Linux kernel vulnerability CVE-2007-1217

A flaw in the ISDN CAPI subsystem allows a remote user to cause a denial of service or potential remote access. Exploitation would require the attacker to be able to send arbitrary frames over the ISDN network to the vulnerable system. Information about this advisory is available at the following...

6.9CVSS6AI score0.00372EPSS
Exploits0
F5 Networks
F5 Networks
•added 2008/02/14 12:0 a.m.•46 views

SOL8424 - Java Runtime Environment Vulnerability - CVE-2008-0657

Multiple unspecified vulnerabilities in the Java Runtime Environment in Sun JDK and JRE 6 Update 1 and earlier, and 5.0 Update 13 and earlier, allow context-dependent attackers to gain privileges through an untrusted application or applet, as demonstrated by an application or applet that grants...

10CVSS6.2AI score0.02839EPSS
Exploits0
F5 Networks
F5 Networks
•added 2008/01/16 12:0 a.m.•46 views

SOL8280 - Cross-site scripting vulnerabilities in BIG-IP Configuration utility CVE-2008-0265

The vulnerability is only available to authenticated users. Theoretically, a malicious site could use another tab in an admin user's browser to hit a list URL and cause the admin user's Configuration utility to render malicious JavaScript in the admin user's browser. The results are not saved...

4.3CVSS5.8AI score0.03485EPSS
Exploits0
F5 Networks
F5 Networks
•added 2007/05/16 12:0 a.m.•46 views

SOL5278 - Apache mod_ssl SSLVerifyClient bypass - CAN-2005-2700

Apache modssl SSLVerifyClient bypass vulnerability CAN-2005-2700. Information about this advisory is available at the following location:...

10CVSS1.2AI score0.30576EPSS
Exploits0
F5 Networks
F5 Networks
•added 2007/05/16 12:0 a.m.•46 views

SOL2591 - Linux kernel vulnerabilities - CAN-2003-0244, CAN-2003-0246

Note: Versions that are not listed in this Solution have not been evaluated for vulnerability to this security advisory. For information about F5 Networks' security policy regarding evaluating older and unsupported versions of F5 Networks products, refer to SOL4602: Overview of F5 Networks securi...

5CVSS2.3AI score0.04276EPSS
Exploits0
F5 Networks
F5 Networks
•added 2025/01/10 4:21 a.m.•45 views

K000149247: Apache tomcat vulnerability CVE-2024-56337

Security Advisory Description Time-of-check Time-of-use TOCTOU Race Condition vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.1, from 10.1.0-M1 through 10.1.33, from 9.0.0.M1 through 9.0.97. The mitigation for CVE-2024-50379 was incomplete. Users...

9.8CVSS7.7AI score0.09028EPSS
Exploits13
F5 Networks
F5 Networks
•added 2024/10/16 7:20 a.m.•45 views

K000141470: Apache Tomcat vulnerabilities CVE-2024-23672 and CVE-2024-24549

Security Advisory Description CVE-2024-23672 Denial of Service via incomplete cleanup vulnerability in Apache Tomcat. It was possible for WebSocket clients to keep WebSocket connections open leading to increased resource consumption.This issue affects Apache Tomcat: from 11.0.0-M1 through...

7.5CVSS7.7AI score0.23072EPSS
Exploits1
F5 Networks
F5 Networks
•added 2024/10/07 3:9 a.m.•45 views

K000141354: Multiple PHP vulnerabilities

Security Advisory Description CVE-2017-7272 PHP through 7.1.11 enables potential SSRF in applications that accept an fsockopen or pfsockopen hostname argument with an expectation that the port number is constrained. Because a :port syntax is recognized, fsockopen will use the port number that is...

8.1CVSS9AI score0.11402EPSS
Exploits5
F5 Networks
F5 Networks
•added 2024/06/18 8:33 p.m.•45 views

K000140043: runc vulnerability CVE-2024-21626

Security Advisory Description runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. In runc 1.1.11 and earlier, due to an internal file descriptor leak, an attacker could cause a newly-spawned container process from runc exec to have a working directo...

8.6CVSS7.5AI score0.18087EPSS
Exploits18
F5 Networks
F5 Networks
•added 2024/05/10 1:34 p.m.•45 views

K000139579: Node.js vulneraility CVE-2024-21891

Security Advisory Description Node.js depends on multiple built-in utility functions to normalize paths provided to node:fs functions, which can be overwitten with user-defined implementations leading to filesystem permission model bypass through path traversal attack. This vulnerability affects...

8.8CVSS7AI score0.01245EPSS
Exploits0
F5 Networks
F5 Networks
•added 2024/05/10 1:29 p.m.•45 views

K000139578: Node.js vulnerability CVE-2024-21896

Security Advisory Description The permission model protects itself against path traversal attacks by calling path.resolve on any paths given by the user. If the path is to be treated as a Buffer, the implementation uses Buffer.from to obtain a Buffer from the result of path.resolve. By...

9.8CVSS6.9AI score0.01262EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/11/14 11:16 p.m.•45 views

K000137582: BIND vulnerability CVE-2023-3341

Security Advisory Description The code that processes control channel messages sent to named calls certain functions recursively during packet parsing. Recursion depth is only limited by the maximum accepted packet size; depending on the environment, this may cause the packet-parsing code to run...

7.5CVSS7.1AI score0.02626EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/10/26 7:22 p.m.•45 views

K000137368: Overview of F5 vulnerabilities (October 26, 2023)

Security Advisory Description On October 26, 2023, F5 announced the following security issues. This document is intended to serve as an overview of these vulnerabilities and security exposures to help determine the impact to your F5 devices. You can find the details of each issue in the associate...

9.8CVSS9.8AI score0.96515EPSS
Exploits18
F5 Networks
F5 Networks
•added 2023/10/02 6:55 p.m.•45 views

K000137090: Node.js vulnerabilities CVE-2018-12121, CVE-2018-12122, and CVE-2018-12123

Security Advisory Description CVE-2018-12121 Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Denial of Service with large HTTP headers: By using a combination of many requests with maximum sized headers almost 80 KB per connection, and carefully timed completion of the...

7.5CVSS7.2AI score0.41288EPSS
Exploits0Affected Software14
F5 Networks
F5 Networks
•added 2023/09/27 2:1 p.m.•45 views

K000136909: BIG-IP APM Clients TunnelCrack vulnerability CVE-2023-43125

Security Advisory Description BIG-IP APM clients may send IP traffic outside of the VPN tunnel. CVE-2023-43125 Impact If a client machine connects to a malicious DNS device, an attacker may be able to trick the client into sending IP traffic outside of the VPN tunnel. Any clear text traffic leake...

8.2CVSS7.9AI score0.00237EPSS
Exploits0Affected Software3
F5 Networks
F5 Networks
•added 2023/09/20 5:42 p.m.•45 views

K000136924: Node.JS vulnerabilities CVE-2018-7158, CVE-2018-7164, and CVE-2018-7166

Security Advisory Description CVE-2018-7158 The 'path' module in the Node.js 4.x release line contains a potential regular expression denial of service ReDoS vector. The code in question was replaced in Node.js 6.x and later so this vulnerability only impacts all versions of Node.js 4.x. The...

7.5CVSS7.5AI score0.06411EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/05/10 4:15 p.m.•45 views

K000133761: Python vulnerability CVE-2021-3177

Security Advisory Description Python 3.x through 3.9.1 has a buffer overflow in PyCArgrepr in ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a 1e300 argument to cdouble.fromparam...

9.8CVSS8.6AI score0.23293EPSS
Exploits1Affected Software2
F5 Networks
F5 Networks
•added 2023/04/28 7:58 a.m.•45 views

K000133699: Oracle WebLogic Server vulnerabilities CVE-2023-21964, CVE-2023-21979, and CVE-2023-21996

Security Advisory Description CVE-2023-21964 Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Core. Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with netwo...

7.5CVSS7.6AI score0.00842EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/04/27 4:23 p.m.•45 views

K000133686: protobuf-java vulnerability CVE-2021-22569

Security Advisory Description An issue in protobuf-java allowed the interleaving of com.google.protobuf.UnknownFieldSet fields in such a way that would be processed out of order. A small malicious payload can occupy the parser for several minutes by creating large numbers of short-lived objects...

7.5CVSS6.5AI score0.01655EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/03/13 4:46 p.m.•45 views

K000132946: OpenSSL vulnerability CVE-2023-0215

Security Advisory Description The public API function BIOnewNDEF is a helper function used for streaming ASN.1 data via a BIO. It is primarily used internally to OpenSSL to support the SMIME, CMS and PKCS7 streaming capabilities, but may also be called directly by end user applications. The...

7.5CVSS7AI score0.04494EPSS
Exploits0Affected Software16
F5 Networks
F5 Networks
•added 2023/02/22 1:6 a.m.•45 views

K000132643: Apache HTTP server vulnerability CVE-2022-36760

Security Advisory Description Inconsistent Interpretation of HTTP Requests 'HTTP Request Smuggling' vulnerability in modproxyajp of Apache HTTP Server allows an attacker to smuggle requests to the AJP server it forwards requests to. This issue affects Apache HTTP Server Apache HTTP Server 2.4...

9CVSS7.3AI score0.01879EPSS
Exploits0Affected Software15
F5 Networks
F5 Networks
•added 2023/02/21 8:2 p.m.•45 views

K72372334: FreeType vulnerability CVE-2014-9745

Security Advisory Description The parseencoding function in type1/t1load.c in FreeType before 2.5.3 allows remote attackers to cause a denial of service infinite loop via a "broken number-with-base" in a Postscript stream, as demonstrated by 8garbage. CVE-2014-9745 Impact A remote attacker may be...

5CVSS8.2AI score0.03734EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 8:2 p.m.•45 views

K25607522: BIG-IP vulnerability CVE-2019-6688

Security Advisory Description A user can obtain the secret used to encrypt a BIG-IP UCS backup file while sending an SNMP query to the BIG-IP or BIG-IQ system; however, the user cannot access the UCS files. CVE-2019-6688 Impact BIG-IP and BIG-IQ The SNMP user can obtain the secret used to encrypt...

4.3CVSS5AI score0.00697EPSS
Exploits0Affected Software14
Total number of security vulnerabilities5000