Lucene search
K

6413 matches found

F5 Networks
F5 Networks
•added 2023/02/21 6:34 p.m.•45 views

K30525503: BIG-IP APM Edge Client proxy vulnerability CVE-2022-23032

Security Advisory Description When proxy settings are configured in the network access resource of a BIG-IP APM system, connecting BIG-IP Edge Client on Mac and Windows is vulnerable to a DNS rebinding attack. CVE-2022-23032 Impact DNS rebinding allows external attackers to bypass the same-origin...

5.3CVSS5.5AI score0.00404EPSS
Exploits0Affected Software2
F5 Networks
F5 Networks
•added 2023/02/21 6:34 p.m.•45 views

K65481741: Java SE vulnerability CVE-2018-3139

Security Advisory Description Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Networking. Supported versions that are affected are Java SE: 6u201, 7u191, 8u182 and 11; Java SE Embedded: 8u181. Difficult to exploit vulnerability allows unauthenticated...

3.1CVSS5.1AI score0.05243EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:33 p.m.•45 views

K48373922: Apache vulnerablilty CVE-2018-8011

Security Advisory Description By specially crafting HTTP requests, the modmd challenge handler would dereference a NULL pointer and cause the child process to segfault. This could be used to DoS the server. Fixed in Apache HTTP Server 2.4.34 Affected 2.4.33. CVE-2018-8011 Impact There is no impac...

7.5CVSS6.4AI score0.51714EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:33 p.m.•45 views

K04713734: BIND vulnerability CVE-2018-5741

Security Advisory Description To provide fine-grained controls over the ability to use Dynamic DNS DDNS to update records in a zone, BIND 9 provides a feature called update-policy. Various rules can be configured to limit the types of updates that can be performed by a client, depending on the ke...

6.5CVSS6.8AI score0.03451EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:33 p.m.•45 views

K62700573: Linux kernel vulnerabilities CVE-2010-5313 and CVE-2014-7842

Security Advisory Description CVE-2010-5313 Race condition in arch/x86/kvm/x86.c in the Linux kernel before 2.6.38 allows L2 guest OS users to cause a denial of service L1 guest OS crash via a crafted instruction that triggers an L2 emulation failure report, a similar issue to CVE-2014-7842...

4.9CVSS6.3AI score0.00374EPSS
Exploits0Affected Software14
F5 Networks
F5 Networks
•added 2023/02/21 6:33 p.m.•45 views

K11414891: Linux Kernel vulnerability CVE-2018-13053

Security Advisory Description The alarmtimernsleep function in kernel/time/alarmtimer.c in the Linux kernel through 4.17.3 has an integer overflow via a large relative timeout because ktimeaddsafe is not used. CVE-2018-13053 Impact There is no impact; F5 products are not affected by this...

3.3CVSS6.1AI score0.00513EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:29 p.m.•45 views

K15316: PHP vulnerability CVE-2013-4635

Security Advisory Description Integer overflow in the SdnToJewish function in jewish.c in the Calendar component in PHP before 5.3.26 and 5.4.x before 5.4.16 allows context-dependent attackers to cause a denial of service application hang via a large argument to the jdtojewish function...

5CVSS9.2AI score0.0423EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:29 p.m.•45 views

K15879: SOAP parser vulnerability CVE-2013-1824

Security Advisory Description The SOAP parser in PHP before 5.3.22 and 5.4.x before 5.4.12 allows remote attackers to read arbitrary files via a SOAP WSDL file containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity XXE issue in the...

4.3CVSS9.3AI score0.04314EPSS
Exploits1Affected Software17
F5 Networks
F5 Networks
•added 2023/02/21 6:27 p.m.•45 views

K82644737: NTP vulnerability CVE-2016-4954

Security Advisory Description The processpacket function in ntpproto.c in ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service peer-variable modification by sending spoofed packets from many source IP addresses in a certain scenario, as demonstrated by triggering an...

7.5CVSS6.4AI score0.13208EPSS
Exploits0Affected Software24
F5 Networks
F5 Networks
•added 2023/02/21 6:18 p.m.•45 views

K17232507: OpenSSL vulnerability CVE-2016-0798

Security Advisory Description Memory leak in the SRPVBASEgetbyuser implementation in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g allows remote attackers to cause a denial of service memory consumption by providing an invalid username in a connection attempt, related to apps/sserver.c and...

7.8CVSS8.4AI score0.24409EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 6:15 p.m.•45 views

K50899356: file vulnerability CVE-2018-10360

Security Advisory Description The docorenote function in readelf.c in libmagic.a in file 5.33 allows remote attackers to cause a denial of service out-of-bounds read and application crash via a crafted ELF file. CVE-2018-10360 Impact This vulnerability may allow a remote attacker to cause a...

6.5CVSS6.2AI score0.0341EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 6:9 p.m.•45 views

K32262483: NTP vulnerability CVE-2017-6451

Security Advisory Description The mx4200send function in the legacy MX4200 refclock in NTP before 4.2.8p10 and 4.3.x before 4.3.94 does not properly handle the return value of the snprintf function, which allows local users to execute arbitrary code via unspecified vectors, which trigger an...

7.8CVSS8.3AI score0.00481EPSS
Exploits0Affected Software23
F5 Networks
F5 Networks
•added 2023/02/21 6:9 p.m.•45 views

K13719: Samba vulnerability CVE-2012-1182

Security Advisory Description The RPC code generator in Samba 3.x before 3.4.16, 3.5.x before 3.5.14, and 3.6.x before 3.6.4 does not implement validation of an array length in a manner consistent with validation of array memory allocation, which allows remote attackers to execute arbitrary code ...

10CVSS9.2AI score0.74034EPSS
Exploits9
F5 Networks
F5 Networks
•added 2023/02/21 6:8 p.m.•45 views

K16743: MIT Kerberos 5 vulnerability CVE-2014-5355

Security Advisory Description MIT Kerberos 5 aka krb5 through 1.13.1 incorrectly expects that a krb5readmessage data field is represented as a string ending with a '\0' character, which allows remote attackers to 1 cause a denial of service NULL pointer dereference via a zero-byte version string ...

5CVSS7.2AI score0.04587EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 6:7 p.m.•45 views

K68499208: Linux kernel vulnerability CVE-2017-18204

Security Advisory Description The ocfs2setattr function in fs/ocfs2/file.c in the Linux kernel before 4.14.2 allows local users to cause a denial of service deadlock via DIO requests. CVE-2017-18204 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory...

5.5CVSS5.4AI score0.00443EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/07 12:56 a.m.•45 views

K000132425: Linux kernel vulnerability CVE-2023-0179

Security Advisory Description A buffer overflow vulnerability was found in the Netfilter subsystem in the Linux Kernel. This issue could allow the leakage of both stack and heap addresses, and potentially allow Local Privilege Escalation to the root user via arbitrary code execution. CVE-2023-017...

7.8CVSS7.5AI score0.01944EPSS
Exploits5
F5 Networks
F5 Networks
•added 2023/02/03 7:31 p.m.•45 views

K000132404: OpenJDK vulnerability CVE-2023-21830

Security Advisory Description Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Serialization. Supported versions that are affected are Oracle Java SE: 8u351, 8u351-perf; Oracle GraalVM Enterprise Edition: 20.3.8 and 21.3.4. Easily...

5.3CVSS5.2AI score0.01058EPSS
Exploits0
F5 Networks
F5 Networks
•added 2016/10/19 12:0 a.m.•45 views

SOL24923910 - LibTIFF vulnerability CVE-2016-3632

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

7.8CVSS2AI score0.03123EPSS
Exploits0References4
F5 Networks
F5 Networks
•added 2016/08/29 12:0 a.m.•45 views

SOL06045217 - TMM vulnerability CVE-2016-5022

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

9.8CVSS2.4AI score0.03457EPSS
Exploits0References6
F5 Networks
F5 Networks
•added 2016/08/10 12:0 a.m.•45 views

SOL55248799 - phpLDAPAdmin vulnerabilities CVE-2005-2654, CVE-2005-2792, CVE-2005-2793, CVE-2006-2016, and CVE-2009-4427

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...

7.5CVSS2.5AI score0.1167EPSS
Exploits4References4
F5 Networks
F5 Networks
•added 2016/08/08 12:0 a.m.•45 views

SOL41233508 - bzip2 vulnerability CVE-2016-3189

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...

6.5CVSS2.7AI score0.15831EPSS
Exploits0References4
F5 Networks
F5 Networks
•added 2016/07/15 12:0 a.m.•45 views

SOL30905674 - Linux kernel vulnerability CVE-2014-9904

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...

7.8CVSS2.5AI score0.00384EPSS
Exploits0References4
F5 Networks
F5 Networks
•added 2016/06/21 12:0 a.m.•45 views

SOL08206127 - PHP vulnerability CVE-2016-4072

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...

9.8CVSS2.5AI score0.05932EPSS
Exploits0References4
F5 Networks
F5 Networks
•added 2016/06/20 12:0 a.m.•45 views

SOL05405841 - GCM nonce vulnerability CVE-2016-0270

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...

5.9CVSS2.8AI score0.03099EPSS
Exploits0References4
F5 Networks
F5 Networks
•added 2016/06/07 12:0 a.m.•45 views

SOL37236006 - SQLite vulnerabilities CVE-2015-3414 and CVE-2015-3415

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

7.5CVSS0.5AI score0.04852EPSS
Exploits0References3
F5 Networks
F5 Networks
•added 2016/04/08 12:0 a.m.•45 views

SOL21921812 - Quagga vulnerability CVE-2016-2342

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...

8.1CVSS2.9AI score0.1211EPSS
Exploits0References4
F5 Networks
F5 Networks
•added 2016/03/07 12:0 a.m.•45 views

SOL81903701 - Libpng vulnerability CVE-2015-8472

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

7.5CVSS2.2AI score0.10339EPSS
Exploits0References11
F5 Networks
F5 Networks
•added 2016/01/12 12:0 a.m.•45 views

SOL25901386 - GRUB2 vulnerability CVE-2015-8370

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

7.4CVSS1.7AI score0.01104EPSS
Exploits1References9
F5 Networks
F5 Networks
•added 2015/11/02 12:0 a.m.•45 views

SOL17528 - NTP vulnerability CVE-2015-7850

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

6.5CVSS1.6AI score0.04973EPSS
Exploits0References5
F5 Networks
F5 Networks
•added 2015/10/28 12:0 a.m.•45 views

SOL17461 - OpenSSH vulnerability CVE-2015-5352

Recommended Action 1By default, the vulnerable code is not enabled and is not used by the affected BIG-IP, BIG-IQ, and Enterprise Manager versions. In a standard/default configuration, the vulnerability is not exposed. If you are running a version listed in the Versions known to be vulnerable...

4.3CVSS1.4AI score0.05445EPSS
Exploits0References5
F5 Networks
F5 Networks
•added 2015/09/08 12:0 a.m.•45 views

SOL17200 - PHP vulnerability CVE-2015-2783

Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL995...

5.8CVSS1AI score0.10879EPSS
Exploits1References4
F5 Networks
F5 Networks
•added 2015/08/12 12:0 a.m.•45 views

SOL17118 - Linux kernel vulnerability CVE-2015-2042

Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can...

4.6CVSS2.2AI score0.00449EPSS
Exploits0References2
F5 Networks
F5 Networks
•added 2015/07/02 12:0 a.m.•45 views

SOL16841 - GNU C Library (glibc) vulnerability CVE-2013-7423

Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version...

5CVSS0.7AI score0.05808EPSS
Exploits2References4
F5 Networks
F5 Networks
•added 2015/07/02 12:0 a.m.•45 views

SOL16845 - MySQL vulnerability CVE-2015-3152

Vulnerability Recommended Actions If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not...

5.9CVSS1.5AI score0.07083EPSS
Exploits1References4
F5 Networks
F5 Networks
•added 2015/07/01 12:0 a.m.•45 views

SOL16834 - OpenSSL vulnerability CVE-2011-3210

Vulnerability Recommended Actions If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not...

6.5CVSS2.1AI score0.04561EPSS
Exploits2References6
F5 Networks
F5 Networks
•added 2015/04/09 12:0 a.m.•45 views

SOL16380 - FreeType vulnerabilities CVE-2014-9656 and CVE-2014-9659

Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate these vulnerabilities by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any...

7.5CVSS0.9AI score0.07687EPSS
Exploits3References3
F5 Networks
F5 Networks
•added 2014/10/23 12:0 a.m.•45 views

SOL15742 - Linux kernel vulnerabilities CVE-2014-6416, CVE-2014-6417, and CVE-2014-6418

Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents. SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5 critical issue...

7.8CVSS2.7AI score0.06167EPSS
Exploits3References4
F5 Networks
F5 Networks
•added 2014/07/14 12:0 a.m.•45 views

SOL15404 - OpenSSL vulnerability CVE-2009-3245

Recommended action You can eliminate this vulnerability by running a version listed in the Versions known to be not vulnerable column in the previous table. If the Versions known to be not vulnerable column does not list a version that is higher than the version you are running, then no upgrade...

10CVSS1.2AI score0.06732EPSS
Exploits1References6
F5 Networks
F5 Networks
•added 2014/06/05 12:0 a.m.•45 views

SOL15303 - PHP vulnerability CVE-2013-7345

Recommended action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents. SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5 critical issue...

5CVSS2.6AI score0.0304EPSS
Exploits1References4
F5 Networks
F5 Networks
•added 2013/02/12 12:0 a.m.•45 views

SOL14204 - BIND vulnerability CVE-2011-4313

F5 Product Development has determined that these Enterprise Manager versions use a vulnerable version of BIND. However, the vulnerable code is not used by default on these Enterprise Manager systems. These products are only vulnerable if BIND was manually configured and enabled. Recommended actio...

5CVSS8.6AI score0.1617EPSS
Exploits0References10
F5 Networks
F5 Networks
•added 2009/01/20 12:0 a.m.•45 views

SOL9592 - bzip2 vulnerability CVE-2008-1372

Information about this advisory is available at the following location: Note: This link takes you to a resource outside of AskF5, and it is possible that the information may be removed without our knowledge. F5 Product Development tracked this issue as CR114442 and CR107644 for BIG-IP LTM, GTM...

4.3CVSS9.3AI score0.04519EPSS
Exploits2
F5 Networks
F5 Networks
•added 2008/06/17 12:0 a.m.•45 views

SOL8837 - OpenSSL DTLS off-by-one error - CVE-2007-4995

Description CVE-2007-4995 - Off-by-one error in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8f allows remote attackers to execute arbitrary code via unspecified vectors. Information about this advisory is available at the following location:...

9.3CVSS7.3AI score0.11164EPSS
Exploits1
F5 Networks
F5 Networks
•added 2007/06/18 12:0 a.m.•45 views

SOL7544 - Full-width and half-width Unicode encoded data bypasses IDS/IPS security controls, VU #739224

Unicode is a system for encoding characters of a character set, which is used in networked applications. IDS/IPS or other security devices may fail to decode and recognize the characters that represent an attack if encoded in Unicode, and pass the characters to a target device. If the target devi...

2.1AI score
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2007/01/08 12:0 a.m.•45 views

SOL6924 - Insertion of special characters in URL path circumvents Accessibility Scope and Access Control Lists

It is possible to bypass the Deny list, configured in the Accessibility Scope section located on the Portal Access: Web Applications: Master Group Settings page, by inserting certain special characters into a URL path. In FirePass version 6.0, this issue also applies to the Deny list configured...

1.4AI score
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2006/11/19 12:0 a.m.•45 views

SOL6737 - SHMAT vulnerabilities CVE-2004-0114

This security advisory describes a reference count overflow in SHMAT CVE-2004-0114. Information about this advisory is available at the following location: Note: This link takes you to a resource outside of AskF5, and it is possible that the information may be removed without our knowledge...

4.6CVSS6.1AI score0.00724EPSS
Exploits0
F5 Networks
F5 Networks
•added 2005/02/21 12:0 a.m.•45 views

SOL4351 - BIND 9.3.0 denial of service vulnerability CAN-2005-0034

BIG-IP versions 9.0 through 9.0.5 contain BIND version 9.3.0 and are vulnerable if BIND is enabled. To enable BIND on the BIG-IP system, you must log in to the command line and configure it manually; you cannot inadvertently enable BIND. Since BIND is disabled by default, most BIG-IP systems are...

4.3CVSS3.4AI score0.06354EPSS
Exploits0
F5 Networks
F5 Networks
•added 2026/06/04 3:51 p.m.•44 views

K000161578: Linux kernel vulnerability CVE-2025-38085

Security Advisory Description In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix hugepmdunshare vs GUP-fast race hugepmdunshare drops a reference on a page table that may have previously been shared across processes, potentially turning it into a normal page table...

4.7CVSS6.1AI score0.00111EPSS
Exploits0Affected Software4
F5 Networks
F5 Networks
•added 2025/03/09 1:55 p.m.•44 views

K000150304: Apache Camel vulnerability CVE-2025-27636

Security Advisory Description Bypass/Injection vulnerability in Apache Camel. This issue affects Apache Camel: from 4.10.0 through = 4.10.1, from 4.8.0 through = 4.8.4, from 3.10.0 through = 3.22.3. Users are recommended to upgrade to version 4.10.2 for 4.10.x LTS, 4.8.5 for 4.8.x LTS and 3.22.4...

5.6CVSS6.8AI score0.79817EPSS
Exploits3
F5 Networks
F5 Networks
•added 2024/12/19 11:43 p.m.•44 views

K000149074: ZeroMQ vulnerabilities CVE-2014-9721 and CVE-2021-20236

Security Advisory Description CVE-2014-9721 libzmq before 4.0.6 and 4.1.x before 4.1.1 allows remote attackers to conduct downgrade attacks and bypass ZMTP v3 protocol security mechanisms via a ZMTP v2 or earlier header. CVE-2021-20236 A flaw was found in the ZeroMQ server in versions before 4.3....

9.8CVSS8.7AI score0.02529EPSS
Exploits0
F5 Networks
F5 Networks
•added 2024/12/06 11:49 p.m.•44 views

K000148895: Intel UEFI firmware vulnerabilities CVE-2023-2235, CVE-2023-23904, and CVE-2023-25546

Security Advisory Description CVE-2023-22351 Out-of-bounds write in UEFI firmware for some IntelR Processors may allow a privileged user to potentially enable escalation of privilege via local access. CVE-2023-23904 NULL pointer dereference in the UEFI firmware for some IntelR Processors may allo...

6.9CVSS7AI score0.00145EPSS
Exploits0
Total number of security vulnerabilities5000