Lucene search
K

6413 matches found

F5 Networks
F5 Networks
added 2023/02/21 6:53 p.m.44 views

K39272405: OpenSSL vulnerability CVE-2016-7052

Security Advisory Description crypto/x509/x509vfy.c in OpenSSL 1.0.2i allows remote attackers to cause a denial of service NULL pointer dereference and application crash by triggering a CRL operation. CVE-2016-7052 Impact There is no impact; F5 products are not affected by this vulnerability...

7.5CVSS7.8AI score0.30216EPSS
Exploits1
F5 Networks
F5 Networks
added 2023/02/21 6:52 p.m.44 views

K17515: NTP vulnerability CVE-2015-7855

Security Advisory Description The decodenetnum function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service assertion failure via a 6 or mode 7 packet containing a long data value. CVE-2015-7855 Impact A locally authenticated user may ...

6.5CVSS6.3AI score0.31068EPSS
Exploits4Affected Software23
F5 Networks
F5 Networks
added 2023/02/21 6:52 p.m.44 views

K30845195: Linux kernel vulnerability CVE-2018-5703

Security Advisory Description The tcpv6synrecvsock function in net/ipv6/tcpipv6.c in the Linux kernel through 4.14.11 allows attackers to cause a denial of service slab out-of-bounds write or possibly have unspecified other impact via vectors involving TLS. CVE-2018-5703 Impact Traffix SDC When...

10CVSS6.8AI score0.0263EPSS
Exploits0
F5 Networks
F5 Networks
added 2023/02/21 6:52 p.m.44 views

K59395527: Intel processor vulnerability CVE-2021-33150

Security Advisory Description Hardware allows activation of test or debug logic at runtime for some IntelR Trace Hub instances which may allow an unauthenticated user to potentially enable escalation of privilege via physical access. CVE-2021-33150 Impact There is no impact; F5 products are not...

6.8CVSS6.7AI score0.00346EPSS
Exploits0
F5 Networks
F5 Networks
added 2023/02/21 6:50 p.m.44 views

K05046514: NTP vulnerability CVE-2015-7979

Security Advisory Description NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service client-server association tear down by sending broadcast packets with invalid authentication to a broadcast client. CVE-2015-7979 Impact An attacker may exploit this...

7.5CVSS7.8AI score0.11887EPSS
Exploits0Affected Software22
F5 Networks
F5 Networks
added 2023/02/21 6:49 p.m.44 views

K93000310: Apache Tomcat vulnerability CVE-2019-0199

Security Advisory Description The HTTP/2 implementation in Apache Tomcat 9.0.0.M1 to 9.0.14 and 8.5.0 to 8.5.37 accepted streams with excessive numbers of SETTINGS frames and also permitted clients to keep streams open without reading/writing request/response data. By keeping streams open for...

7.5CVSS6.5AI score0.72855EPSS
Exploits0
F5 Networks
F5 Networks
added 2023/02/21 6:49 p.m.44 views

K54193041: Java SE vulnerability CVE-2019-2999

Security Advisory Description Vulnerability in the Java SE product of Oracle Java SE component: Javadoc. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to...

4.7CVSS6AI score0.0267EPSS
Exploits0
F5 Networks
F5 Networks
added 2023/02/21 6:49 p.m.44 views

K28902827: Apache mod_http2 vulnerability CVE-2018-11763

Security Advisory Description In Apache HTTP Server 2.4.17 to 2.4.34, by sending continuous, large SETTINGS frames a client can occupy a connection, server thread and CPU time without any connection timeout coming to effect. This affects only HTTP/2 connections. A possible mitigation is to not...

5.9CVSS6.1AI score0.51002EPSS
Exploits0
F5 Networks
F5 Networks
added 2023/02/21 6:48 p.m.44 views

K27228191: Node.js vulnerability CVE-2018-7159

Security Advisory Description The HTTP parser in all current versions of Node.js ignores spaces in the Content-Length header, allowing input such as Content-Length: 1 2 to be interpreted as having a value of 12. The HTTP specification does not allow for spaces in the Content-Length value and the...

5.3CVSS7.6AI score0.03621EPSS
Exploits0
F5 Networks
F5 Networks
added 2023/02/21 6:48 p.m.44 views

K51213246: BIG-IP APM AD authentication vulnerability CVE-2021-23008

Security Advisory Description BIG-IP APM AD Active Directory authentication can be bypassed using a spoofed AS-REP Kerberos Authentication Service Response response sent over a hijacked KDC Kerberos Key Distribution Center connection, or from an AD server compromised by an attacker.CVE-2021-23008...

9.8CVSS8.3AI score0.01326EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
added 2023/02/21 6:47 p.m.44 views

K08832573: DHCP vulnerability CVE-2021-25217

Security Advisory Description In ISC DHCP 4.1-ESV-R1 - 4.1-ESV-R16, ISC DHCP 4.4.0 - 4.4.2 Other branches of ISC DHCP i.e., releases in the 4.0.x series or lower and releases in the 4.3.x series are beyond their End-of-Life EOL and no longer supported by ISC. From inspection it is clear that the...

7.4CVSS7.5AI score0.06118EPSS
Exploits1Affected Software15
F5 Networks
F5 Networks
added 2023/02/21 6:47 p.m.44 views

K11023978: Linux kernel vulnerability CVE-2017-6346

Security Advisory Description Race condition in net/packet/afpacket.c in the Linux kernel before 4.9.13 allows local users to cause a denial of service use-after-free or possibly have unspecified other impact via a multithreaded application that makes PACKETFANOUT setsockopt system calls...

7CVSS6.5AI score0.00296EPSS
Exploits0
F5 Networks
F5 Networks
added 2023/02/21 6:47 p.m.44 views

K44994972: Linux kernel vulnerability CVE-2020-25704

Security Advisory Description A flaw memory leak in the Linux kernel performance monitoring subsystem was found in the way if using PERFEVENTIOCSETFILTER. A local user could use this flaw to starve the resources causing denial of service. CVE-2020-25704 Impact This vulnerability may allow a local...

5.5CVSS6.2AI score0.00348EPSS
Exploits0Affected Software16
F5 Networks
F5 Networks
added 2023/02/21 6:45 p.m.44 views

K14204: BIND vulnerability CVE-2011-4313

Security Advisory Description ISC reports that query.c in BIND may allow remote attackers to cause a denial-of-service assertion failure and named exit. The vulnerability uses unknown vectors related to recursive DNS queries, error logging, and the caching of an invalid record by the resolver. Th...

7AI score
Exploits0Affected Software9
F5 Networks
F5 Networks
added 2023/02/21 6:45 p.m.44 views

K33015954: Linux kernel vulnerability CVE-2019-3882

Security Advisory Description A flaw was found in the Linux kernel's vfio interface implementation that permits violation of the user's locked memory limit. If a device is bound to a vfio driver, such as vfio-pci, and the local attacker is administratively granted ownership of the device, it may...

5.5CVSS5.7AI score0.00538EPSS
Exploits0
F5 Networks
F5 Networks
added 2023/02/21 6:35 p.m.44 views

K16427: Linux kernel vulnerability CVE-2013-7421

Security Advisory Description The Crypto API in the Linux kernel before 3.18.5 allows local users to load arbitrary kernel modules via a bind system call for an AFALG socket with a module name in the salgname field, a different vulnerability than CVE-2014-9644. CVE-2013-7421 Impact There is no...

2.1CVSS6.5AI score0.00716EPSS
Exploits1
F5 Networks
F5 Networks
added 2023/02/21 6:35 p.m.44 views

K38271531: BIG-IP and BIG-IQ SCP vulnerability CVE-2022-26340

Security Advisory Description An authenticated, high-privileged attacker with no bash access may be able to access Certificate and Key files using Secure Copy SCP protocol from a remote system. CVE-2022-26340 Impact This vulnerability may allow an authenticated, high-privileged attacker who has...

4.9CVSS5.6AI score0.00435EPSS
Exploits0Affected Software14
F5 Networks
F5 Networks
added 2023/02/21 6:35 p.m.44 views

K40048447: Linux kernel vulnerability CVE-2017-18202

Security Advisory Description The oomreaptaskmm function in mm/oomkill.c in the Linux kernel before 4.14.4 mishandles gather operations, which allows attackers to cause a denial of service TLB entry leak or use-after-free or possibly have unspecified other impact by triggering a copytouser call...

7CVSS6.3AI score0.00378EPSS
Exploits1
F5 Networks
F5 Networks
added 2023/02/21 6:35 p.m.44 views

K92862401: libpcap vulnerability CVE-2019-15163

Security Advisory Description rpcapd/daemon.c in libpcap before 1.9.1 allows attackers to cause a denial of service NULL pointer dereference and daemon crash if a crypt call fails. CVE-2019-15163 Impact A local attacker may be able to cause a denial of service DoS. Security Advisory Status F5...

7.5CVSS6.3AI score0.04436EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
added 2023/02/21 6:35 p.m.44 views

K82205554: Multiple MySQL vulnerabilities

Security Advisory Description CVE-2016-0652 Unspecified vulnerability in Oracle MySQL 5.7.10 and earlier allows local users to affect availability via vectors related to DML." CVE-2016-0656 Unspecified vulnerability in Oracle MySQL 5.7.10 and earlier allows local users to affect availability via...

5.5CVSS4.8AI score0.01002EPSS
Exploits0
F5 Networks
F5 Networks
added 2023/02/21 6:35 p.m.44 views

K76930736: Libpng vulnerability CVE-2015-8126

Security Advisory Description Multiple buffer overflows in the 1 pngsetPLTE and 2 pnggetPLTE functions in libpng before 1.0.64, 1.1.x and 1.2.x before 1.2.54, 1.3.x and 1.4.x before 1.4.17, 1.5.x before 1.5.24, and 1.6.x before 1.6.19 allow remote attackers to cause a denial of service applicatio...

7.5CVSS8.8AI score0.10339EPSS
Exploits0
F5 Networks
F5 Networks
added 2023/02/21 6:35 p.m.44 views

K05937379: libxml2 vulnerability CVE-2016-1837

Security Advisory Description Multiple use-after-free vulnerabilities in the 1 htmlPArsePubidLiteral and 2 htmlParseSystemiteral functions in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allow remote attackers to cause ...

5.5CVSS7AI score0.04092EPSS
Exploits1Affected Software1
F5 Networks
F5 Networks
added 2023/02/21 6:35 p.m.44 views

K02215905: Wireshark vulnerabilities CVE-2018-16056, CVE-2018-16057, and CVE-2018-16058

Security Advisory Description CVE-2018-16056 In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Bluetooth Attribute Protocol dissector could crash. This was addressed in epan/dissectors/packet-btatt.c by verifying that a dissector for a specific UUID exists. CVE-2018-16057 In...

7.5CVSS6.5AI score0.03459EPSS
Exploits0
F5 Networks
F5 Networks
added 2023/02/21 6:34 p.m.44 views

K30340506: Intel Multiple CPU vulnerabilities CVE-2020-8738,CVE-2020-8739,CVE-2020-8740,CVE-2020-8764

Security Advisory Description CVE-2020-8738 Improper conditions check in Intel BIOS platform sample code for some IntelR Processors before may allow a privileged user to potentially enable escalation of privilege via local access. CVE-2020-8739 Use of potentially dangerous function in Intel BIOS...

7.8CVSS6.8AI score0.00414EPSS
Exploits0
F5 Networks
F5 Networks
added 2023/02/21 6:34 p.m.44 views

K44834280: Multiple Treck vulnerabilities CVE-2020-25066, CVE-2020-27336, CVE-2020-27337, and CVE-2020-27338

Security Advisory Description CVE-2020-25066 A heap-based buffer overflow in the Treck HTTP Server component before 6.0.1.68 allows remote attackers to cause a denial of service crash/reset or to possibly execute arbitrary code. CVE-2020-27336 An issue was discovered in Treck IPv6 before 6.0.1.68...

10CVSS7.4AI score0.03348EPSS
Exploits0
F5 Networks
F5 Networks
added 2023/02/21 6:33 p.m.44 views

K73659122: GPU vulnerabilities CVE-2019-0154 and CVE-2019-0155

Security Advisory Description CVE-2019-0154 Insufficient access control in subsystem for Intel R processor graphics in 6th, 7th, 8th and 9th Generation IntelR CoreTM Processor Families; IntelR PentiumR Processor J, N, Silver and Gold Series; IntelR CeleronR Processor J, N, G3900 and G4900 Series;...

7.8CVSS7.1AI score0.00668EPSS
Exploits0
F5 Networks
F5 Networks
added 2023/02/21 6:32 p.m.44 views

K41142448: QEMU vulnerability CVE-2020-27617

Security Advisory Description ethgetgsotype in net/eth.c in QEMU 4.2.1 allows guest OS users to trigger an assertion failure. A guest can crash the QEMU process via packet data that lacks a valid Layer 3 protocol. CVE-2020-27617 Impact BIG-IP This flaw allows a guest user to cause the QEMU proces...

6.5CVSS7.2AI score0.02515EPSS
Exploits0Affected Software16
F5 Networks
F5 Networks
added 2023/02/21 6:32 p.m.44 views

K19533600: SQLite Vulnerability CVE-2019-13734

Security Advisory Description Out of bounds write in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2019-13734 Impact There is no impact; F5 products are not affected by this vulnerability. Security...

8.8CVSS8.1AI score0.04022EPSS
Exploits0
F5 Networks
F5 Networks
added 2023/02/21 6:32 p.m.44 views

K16990: zlib 1.2.2 vulnerability CVE-2005-1849

Security Advisory Description inftrees.h in zlib 1.2.2 allows remote attackers to cause a denial of service application crash via an invalid file that causes a large dynamic tree to be produced. CVE-2005-1849 Impact None. F5 products are not affected by this vulnerability. Security Advisory Statu...

5CVSS6.6AI score0.03999EPSS
Exploits0
F5 Networks
F5 Networks
added 2023/02/21 6:26 p.m.44 views

K16920: OpenSSL vulnerability CVE-2014-8176

Security Advisory Description The dtls1clearqueues function in ssl/d1lib.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h frees data structures without considering that application data can arrive between a ChangeCipherSpec message and a Finished message, which allows...

7.5CVSS8.1AI score0.16587EPSS
Exploits1Affected Software13
F5 Networks
F5 Networks
added 2023/02/21 6:19 p.m.44 views

K17237: Linux kernel vulnerability CVE-2014-7822

Security Advisory Description The implementation of certain splicewrite file operations in the Linux kernel before 3.16 does not enforce a restriction on the maximum size of a single file, which allows local users to cause a denial of service system crash or possibly have unspecified other impact...

7.2CVSS6.7AI score0.01176EPSS
Exploits2Affected Software19
F5 Networks
F5 Networks
added 2023/02/21 6:11 p.m.44 views

K15417: OpenSSL vulnerability CVE-2012-0050

Security Advisory Description Description OpenSSL 0.9.8s and 1.0.0f does not properly support DTLS applications, which allows remote attackers to cause a denial of service crash via unspecified vectors related to an out-of-bounds read. NOTE: this vulnerability exists because of an incorrect fix f...

7.9AI score
Exploits0
F5 Networks
F5 Networks
added 2023/02/21 6:10 p.m.44 views

K5860: GSSAPI authentication vulnerability in OpenSSH - CAN-2005-2798

Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...

5CVSS8.1AI score0.02299EPSS
Exploits0
F5 Networks
F5 Networks
added 2023/02/21 6:7 p.m.44 views

K59298921: OpenSSL vulnerability CVE-2016-2181

Security Advisory Description The Anti-Replay feature in the DTLS implementation in OpenSSL before 1.1.0 mishandles early use of a new epoch number in conjunction with a large sequence number, which allows remote attackers to cause a denial of service false-positive packet drops via spoofed DTLS...

7.5CVSS8.4AI score0.22634EPSS
Exploits1Affected Software13
F5 Networks
F5 Networks
added 2023/02/21 6:4 p.m.44 views

K04362926: BIOS SMM privilege escalation vulnerability CVE-2015-0949

Security Advisory Description The System Management Mode SMM implementation in Dell Latitude E6430 BIOS Revision A09, HP EliteBook 850 G1 BIOS revision L71 Ver. 01.09, and possibly other BIOS implementations does not ensure that function calls operate on SMRAM memory locations, which allows local...

7.8CVSS7.5AI score0.00394EPSS
Exploits0Affected Software14
F5 Networks
F5 Networks
added 2023/02/21 6:0 p.m.44 views

K31372672: Mozilla NSS vulnerabilities CVE-2015-7181, CVE-2015-7182, and CVE-2015-7183

Security Advisory Description CVE-2015-7181 The secasn1dparseleaf function in Mozilla Network Security Services NSS before 3.19.2.1 and 3.20.x before 3.20.1, as used in Firefox before 42.0 and Firefox ESR 38.x before 38.4 and other products, improperly restricts access to an unspecified data...

9.8CVSS9AI score0.10238EPSS
Exploits0Affected Software21
F5 Networks
F5 Networks
added 2023/02/21 6:0 p.m.44 views

K47145213: OpenSSL vulnerability CVE-2016-2176

Security Advisory Description The X509NAMEoneline function in crypto/x509/x509obj.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to obtain sensitive information from process stack memory or cause a denial of service buffer over-read via crafted EBCDIC ASN.1 data...

8.2CVSS8.9AI score0.22841EPSS
Exploits1Affected Software1
F5 Networks
F5 Networks
added 2023/02/21 5:38 p.m.44 views

K37510383: Linux kernel SCTP vulnerability CVE-2015-5283

Security Advisory Description The sctpinit function in net/sctp/protocol.c in the Linux kernel before 4.2.3 has an incorrect sequence of protocol-initialization steps, which allows local users to cause a denial of service panic or memory corruption by creating SCTP sockets before all of the steps...

4.7CVSS6.2AI score0.00549EPSS
Exploits1Affected Software22
F5 Networks
F5 Networks
added 2023/02/21 5:27 p.m.44 views

K57500018: ISC DHCP 4.x vulnerability CVE-2015-8605

Security Advisory Description ISC DHCP 4.x before 4.1-ESV-R12-P1 and 4.2.x and 4.3.x before 4.3.3-P1 allows remote attackers to cause a denial of service application crash via an invalid length field in a UDP IPv4 packet. CVE-2015-8605 Impact A remote attacker may be able to cause a Dynamic Host...

6.5CVSS6.9AI score0.7645EPSS
Exploits0Affected Software17
F5 Networks
F5 Networks
added 2016/10/21 12:0 a.m.44 views

SOL15031791 - Samba vulnerability CVE-2015-5330

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...

7.5CVSS2.9AI score0.06114EPSS
Exploits0References4
F5 Networks
F5 Networks
added 2016/10/10 12:0 a.m.44 views

SOL39272405 - OpenSSL vulnerability CVE-2016-7052

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...

7.5CVSS2.7AI score0.30216EPSS
Exploits1References4
F5 Networks
F5 Networks
added 2016/07/27 12:0 a.m.44 views

SOL07112184 - HHVM vulnerability CVE-2016-1000109

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...

5.3CVSS2.6AI score0.05076EPSS
Exploits1References4
F5 Networks
F5 Networks
added 2015/12/04 12:0 a.m.44 views

SOL30714460 - OpenSSL vulnerability CVE-2015-3193

Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4918: Overview of the F5 critical issue hotfix policy...

7.5CVSS2.9AI score0.25137EPSS
Exploits1References3
F5 Networks
F5 Networks
added 2015/11/26 12:0 a.m.44 views

SOL05200155 - Multiple Java vulnerabilities

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...

10CVSS2.6AI score0.13354EPSS
Exploits0References4
F5 Networks
F5 Networks
added 2015/11/02 12:0 a.m.44 views

SOL17527 - NTP vulnerability CVE-2015-7705

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

9.8CVSS9.4AI score0.12351EPSS
Exploits0References4
F5 Networks
F5 Networks
added 2015/10/12 12:0 a.m.44 views

SOL17381 - OpenJDK vulnerability CVE-2014-0428

Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5 critical issue...

10CVSS3.4AI score0.06051EPSS
Exploits0References5
F5 Networks
F5 Networks
added 2015/04/22 12:0 a.m.44 views

SOL16494 - phpMyAdmin vulnerability CVE-2015-2206

Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version...

5CVSS0.7AI score0.03263EPSS
Exploits0References3
F5 Networks
F5 Networks
added 2015/04/21 12:0 a.m.44 views

SOL16473 - Linux Kernel vulnerability CVE-2010-0007

Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can...

2.1CVSS0.7AI score0.00403EPSS
Exploits0References12
F5 Networks
F5 Networks
added 2015/04/09 12:0 a.m.44 views

SOL16347 - Linux file utility vulnerabilities CVE-2014-8116 and CVE-2014-8117

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

5CVSS2AI score0.05926EPSS
Exploits0References8
F5 Networks
F5 Networks
added 2015/04/02 12:0 a.m.44 views

SOL16343 - OpenLDAP vulnerabilities CVE-2015-1545 and CVE-2015-1546

Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5 critical issue...

5CVSS2.5AI score0.11091EPSS
Exploits1References4
Total number of security vulnerabilities5000