6417 matches found
K41454238: Apache mod_auth_openidc vulnerabilities CVE-2021-32785 CVE-2021-32786 CVE-2021-32792
Security Advisory Description CVE-2021-32785 modauthopenidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. When modauthopenidc versions prior to 2.4.9 are configur...
K10027302: Libsoup vulnerability CVE-2018-12910
Security Advisory Description The getcookies function in soup-cookie-jar.c in libsoup 2.63.2 allows attackers to have unspecified impact via an empty hostname. CVE-2018-12910 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Product...
K74327432: F5 Container Ingress Services vulnerability CVE-2019-6648
Security Advisory Description If DEBUG logging is enabled, F5 Container Ingress Services CIS for Kubernetes and Red Hat OpenShift k8s-bigip-ctlr log files may contain BIG-IP system secrets such as SSL Private Keys and Private key Passphrases as provided as inputs by an AS3 Declaration...
K70652532: F5 BIG-IP Guided Configuration logging vulnerability CVE-2021-23046
Security Advisory Description When a configuration that contains secure properties is created and deployed from BIG-IP Guided Configuration AGC, secure properties are logged in restnoded logs. CVE-2021-23046 Impact Users with access to restnoded logs may gain access to sensitive information from...
K16011: Linux kernel vulnerability CVE-2012-6657
Security Advisory Description The socksetsockopt function in net/core/sock.c in the Linux kernel before 3.5.7 does not ensure that a keepalive action is associated with a stream socket, which allows local users to cause a denial of service system crash by leveraging the ability to create a raw...
K15571: OpenSSL vulnerability CVE-2014-3508
Security Advisory Description Description The OBJobj2txt function in crypto/objects/objdat.c in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i, when pretty printing is used, does not ensure the presence of '\0' characters, which allows context-dependent attackers to...
K31856317: BIG-IP Packet Filters vulnerability CVE-2022-27182
Security Advisory Description When BIG-IP packet filters are enabled and a virtual server is configured with the type set to Reject, undisclosed requests can cause an increase in memory resource utilization. CVE-2022-27182 Impact System performance can degrade until the process is either forced t...
K94093538: NGINX Service Mesh control plane vulnerability CVE-2022-27495
Security Advisory Description NGINX Service Mesh control plane endpoints are exposed to the cluster overlay network. CVE-2022-27495 Impact An attacker may affect traffic policies, security policies, and other reverse proxy capabilities of NGINX Service Mesh if they've gained access to a Kubernete...
K48414132: PHP SOAP vulnerability CVE-2015-8835
Security Advisory Description The makehttpsoaprequest function in ext/soap/phphttp.c in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 does not properly retrieve keys, which allows remote attackers to cause a denial of service NULL pointer dereference, type confusion, and...
K15867: Perl vulnerabilities CVE-2012-5195, CVE-2012-5526, CVE-2012-6329, and CVE-2013-1667
Security Advisory Description CVE-2012-5195 Heap-based buffer overflow in the Perlrepeatcpy function in util.c in Perl 5.12.x before 5.12.5, 5.14.x before 5.14.3, and 5.15.x before 15.15.5 allows context-dependent attackers to cause a denial of service memory consumption and crash or possibly...
K51317292: glibc vulnerability CVE-2020-1751
Security Advisory Description An out-of-bounds write vulnerability was found in glibc before 2.31 when handling signal trampolines on PowerPC. Specifically, the backtrace function did not properly check the array bounds when storing the frame address, resulting in a denial of service or potential...
K12254802: Apache httpd HTTP/2 vulnerability CVE-2016-1546
Security Advisory Description The Apache HTTP Server 2.4.17 and 2.4.18, when modhttp2 is enabled, does not limit the number of simultaneous stream workers for a single HTTP/2 connection, which allows remote attackers to cause a denial of service stream-processing outage via modified flow-control...
K38336243: Binutils vulnerabilities CVE-2018-20623, CVE-2018-20651, and CVE-2018-20712
Security Advisory Description CVE-2018-20623 In GNU Binutils 2.31.1, there is a use-after-free in the error function in elfcomm.c when called from the processarchive function in readelf.c via a crafted ELF file. CVE-2018-20651 A NULL pointer dereference was discovered in elflinkaddobjectsymbols i...
K25244852: BIND vulnerability CVE-2018-5745
Security Advisory Description "managed-keys" is a feature which allows a BIND resolver to automatically maintain the keys used by trust anchors which operators configure for use in DNSSEC validation. Due to an error in the managed-keys feature it is possible for a BIND server which uses...
K81952114: Authenticated iControl REST in Appliance mode vulnerability CVE-2022-26415
Security Advisory Description When running in Appliance mode, an authenticated user assigned the Administrator role may be able to bypass Appliance mode restrictions, utilizing an undisclosed iControl REST endpoint. CVE-2022-26415 Impact In Appliance mode, an authenticated user with valid user...
K26422113: libxml2 vulnerability CVE-2016-1839
Security Advisory Description The xmlDictAddString function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service heap-based buffer over-read via a crafted XML document...
K40778012: Intel CPU vulnerability CVE-2021-0127
Security Advisory Description Insufficient control flow management in some IntelR Processors may allow an authenticated user to potentially enable a denial of service via local access. CVE-2021-0127 Impact An authenticated attacker may exploit the Intel processor firmware to cause a denial of...
K30525503: BIG-IP APM Edge Client proxy vulnerability CVE-2022-23032
Security Advisory Description When proxy settings are configured in the network access resource of a BIG-IP APM system, connecting BIG-IP Edge Client on Mac and Windows is vulnerable to a DNS rebinding attack. CVE-2022-23032 Impact DNS rebinding allows external attackers to bypass the same-origin...
K44834280: Multiple Treck vulnerabilities CVE-2020-25066, CVE-2020-27336, CVE-2020-27337, and CVE-2020-27338
Security Advisory Description CVE-2020-25066 A heap-based buffer overflow in the Treck HTTP Server component before 6.0.1.68 allows remote attackers to cause a denial of service crash/reset or to possibly execute arbitrary code. CVE-2020-27336 An issue was discovered in Treck IPv6 before 6.0.1.68...
K65481741: Java SE vulnerability CVE-2018-3139
Security Advisory Description Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Networking. Supported versions that are affected are Java SE: 6u201, 7u191, 8u182 and 11; Java SE Embedded: 8u181. Difficult to exploit vulnerability allows unauthenticated...
K48373922: Apache vulnerablilty CVE-2018-8011
Security Advisory Description By specially crafting HTTP requests, the modmd challenge handler would dereference a NULL pointer and cause the child process to segfault. This could be used to DoS the server. Fixed in Apache HTTP Server 2.4.34 Affected 2.4.33. CVE-2018-8011 Impact There is no impac...
K04713734: BIND vulnerability CVE-2018-5741
Security Advisory Description To provide fine-grained controls over the ability to use Dynamic DNS DDNS to update records in a zone, BIND 9 provides a feature called update-policy. Various rules can be configured to limit the types of updates that can be performed by a client, depending on the ke...
K62700573: Linux kernel vulnerabilities CVE-2010-5313 and CVE-2014-7842
Security Advisory Description CVE-2010-5313 Race condition in arch/x86/kvm/x86.c in the Linux kernel before 2.6.38 allows L2 guest OS users to cause a denial of service L1 guest OS crash via a crafted instruction that triggers an L2 emulation failure report, a similar issue to CVE-2014-7842...
K11414891: Linux Kernel vulnerability CVE-2018-13053
Security Advisory Description The alarmtimernsleep function in kernel/time/alarmtimer.c in the Linux kernel through 4.17.3 has an integer overflow via a large relative timeout because ktimeaddsafe is not used. CVE-2018-13053 Impact There is no impact; F5 products are not affected by this...
K15316: PHP vulnerability CVE-2013-4635
Security Advisory Description Integer overflow in the SdnToJewish function in jewish.c in the Calendar component in PHP before 5.3.26 and 5.4.x before 5.4.16 allows context-dependent attackers to cause a denial of service application hang via a large argument to the jdtojewish function...
K15879: SOAP parser vulnerability CVE-2013-1824
Security Advisory Description The SOAP parser in PHP before 5.3.22 and 5.4.x before 5.4.12 allows remote attackers to read arbitrary files via a SOAP WSDL file containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity XXE issue in the...
K82644737: NTP vulnerability CVE-2016-4954
Security Advisory Description The processpacket function in ntpproto.c in ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service peer-variable modification by sending spoofed packets from many source IP addresses in a certain scenario, as demonstrated by triggering an...
K17232507: OpenSSL vulnerability CVE-2016-0798
Security Advisory Description Memory leak in the SRPVBASEgetbyuser implementation in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g allows remote attackers to cause a denial of service memory consumption by providing an invalid username in a connection attempt, related to apps/sserver.c and...
K50899356: file vulnerability CVE-2018-10360
Security Advisory Description The docorenote function in readelf.c in libmagic.a in file 5.33 allows remote attackers to cause a denial of service out-of-bounds read and application crash via a crafted ELF file. CVE-2018-10360 Impact This vulnerability may allow a remote attacker to cause a...
K32262483: NTP vulnerability CVE-2017-6451
Security Advisory Description The mx4200send function in the legacy MX4200 refclock in NTP before 4.2.8p10 and 4.3.x before 4.3.94 does not properly handle the return value of the snprintf function, which allows local users to execute arbitrary code via unspecified vectors, which trigger an...
K13719: Samba vulnerability CVE-2012-1182
Security Advisory Description The RPC code generator in Samba 3.x before 3.4.16, 3.5.x before 3.5.14, and 3.6.x before 3.6.4 does not implement validation of an array length in a manner consistent with validation of array memory allocation, which allows remote attackers to execute arbitrary code ...
K16743: MIT Kerberos 5 vulnerability CVE-2014-5355
Security Advisory Description MIT Kerberos 5 aka krb5 through 1.13.1 incorrectly expects that a krb5readmessage data field is represented as a string ending with a '\0' character, which allows remote attackers to 1 cause a denial of service NULL pointer dereference via a zero-byte version string ...
K68499208: Linux kernel vulnerability CVE-2017-18204
Security Advisory Description The ocfs2setattr function in fs/ocfs2/file.c in the Linux kernel before 4.14.2 allows local users to cause a denial of service deadlock via DIO requests. CVE-2017-18204 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory...
K000132425: Linux kernel vulnerability CVE-2023-0179
Security Advisory Description A buffer overflow vulnerability was found in the Netfilter subsystem in the Linux Kernel. This issue could allow the leakage of both stack and heap addresses, and potentially allow Local Privilege Escalation to the root user via arbitrary code execution. CVE-2023-017...
K000132404: OpenJDK vulnerability CVE-2023-21830
Security Advisory Description Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Serialization. Supported versions that are affected are Oracle Java SE: 8u351, 8u351-perf; Oracle GraalVM Enterprise Edition: 20.3.8 and 21.3.4. Easily...
SOL24923910 - LibTIFF vulnerability CVE-2016-3632
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL55248799 - phpLDAPAdmin vulnerabilities CVE-2005-2654, CVE-2005-2792, CVE-2005-2793, CVE-2006-2016, and CVE-2009-4427
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL41233508 - bzip2 vulnerability CVE-2016-3189
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL30905674 - Linux kernel vulnerability CVE-2014-9904
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL08206127 - PHP vulnerability CVE-2016-4072
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL05405841 - GCM nonce vulnerability CVE-2016-0270
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL37236006 - SQLite vulnerabilities CVE-2015-3414 and CVE-2015-3415
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL21921812 - Quagga vulnerability CVE-2016-2342
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL81903701 - Libpng vulnerability CVE-2015-8472
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL25901386 - GRUB2 vulnerability CVE-2015-8370
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL17528 - NTP vulnerability CVE-2015-7850
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL17461 - OpenSSH vulnerability CVE-2015-5352
Recommended Action 1By default, the vulnerable code is not enabled and is not used by the affected BIG-IP, BIG-IQ, and Enterprise Manager versions. In a standard/default configuration, the vulnerability is not exposed. If you are running a version listed in the Versions known to be vulnerable...
SOL17200 - PHP vulnerability CVE-2015-2783
Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL995...
SOL17118 - Linux kernel vulnerability CVE-2015-2042
Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can...
SOL16845 - MySQL vulnerability CVE-2015-3152
Vulnerability Recommended Actions If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not...