6413 matches found
K39272405: OpenSSL vulnerability CVE-2016-7052
Security Advisory Description crypto/x509/x509vfy.c in OpenSSL 1.0.2i allows remote attackers to cause a denial of service NULL pointer dereference and application crash by triggering a CRL operation. CVE-2016-7052 Impact There is no impact; F5 products are not affected by this vulnerability...
K17515: NTP vulnerability CVE-2015-7855
Security Advisory Description The decodenetnum function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service assertion failure via a 6 or mode 7 packet containing a long data value. CVE-2015-7855 Impact A locally authenticated user may ...
K30845195: Linux kernel vulnerability CVE-2018-5703
Security Advisory Description The tcpv6synrecvsock function in net/ipv6/tcpipv6.c in the Linux kernel through 4.14.11 allows attackers to cause a denial of service slab out-of-bounds write or possibly have unspecified other impact via vectors involving TLS. CVE-2018-5703 Impact Traffix SDC When...
K59395527: Intel processor vulnerability CVE-2021-33150
Security Advisory Description Hardware allows activation of test or debug logic at runtime for some IntelR Trace Hub instances which may allow an unauthenticated user to potentially enable escalation of privilege via physical access. CVE-2021-33150 Impact There is no impact; F5 products are not...
K05046514: NTP vulnerability CVE-2015-7979
Security Advisory Description NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service client-server association tear down by sending broadcast packets with invalid authentication to a broadcast client. CVE-2015-7979 Impact An attacker may exploit this...
K93000310: Apache Tomcat vulnerability CVE-2019-0199
Security Advisory Description The HTTP/2 implementation in Apache Tomcat 9.0.0.M1 to 9.0.14 and 8.5.0 to 8.5.37 accepted streams with excessive numbers of SETTINGS frames and also permitted clients to keep streams open without reading/writing request/response data. By keeping streams open for...
K54193041: Java SE vulnerability CVE-2019-2999
Security Advisory Description Vulnerability in the Java SE product of Oracle Java SE component: Javadoc. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to...
K28902827: Apache mod_http2 vulnerability CVE-2018-11763
Security Advisory Description In Apache HTTP Server 2.4.17 to 2.4.34, by sending continuous, large SETTINGS frames a client can occupy a connection, server thread and CPU time without any connection timeout coming to effect. This affects only HTTP/2 connections. A possible mitigation is to not...
K27228191: Node.js vulnerability CVE-2018-7159
Security Advisory Description The HTTP parser in all current versions of Node.js ignores spaces in the Content-Length header, allowing input such as Content-Length: 1 2 to be interpreted as having a value of 12. The HTTP specification does not allow for spaces in the Content-Length value and the...
K51213246: BIG-IP APM AD authentication vulnerability CVE-2021-23008
Security Advisory Description BIG-IP APM AD Active Directory authentication can be bypassed using a spoofed AS-REP Kerberos Authentication Service Response response sent over a hijacked KDC Kerberos Key Distribution Center connection, or from an AD server compromised by an attacker.CVE-2021-23008...
K08832573: DHCP vulnerability CVE-2021-25217
Security Advisory Description In ISC DHCP 4.1-ESV-R1 - 4.1-ESV-R16, ISC DHCP 4.4.0 - 4.4.2 Other branches of ISC DHCP i.e., releases in the 4.0.x series or lower and releases in the 4.3.x series are beyond their End-of-Life EOL and no longer supported by ISC. From inspection it is clear that the...
K11023978: Linux kernel vulnerability CVE-2017-6346
Security Advisory Description Race condition in net/packet/afpacket.c in the Linux kernel before 4.9.13 allows local users to cause a denial of service use-after-free or possibly have unspecified other impact via a multithreaded application that makes PACKETFANOUT setsockopt system calls...
K44994972: Linux kernel vulnerability CVE-2020-25704
Security Advisory Description A flaw memory leak in the Linux kernel performance monitoring subsystem was found in the way if using PERFEVENTIOCSETFILTER. A local user could use this flaw to starve the resources causing denial of service. CVE-2020-25704 Impact This vulnerability may allow a local...
K14204: BIND vulnerability CVE-2011-4313
Security Advisory Description ISC reports that query.c in BIND may allow remote attackers to cause a denial-of-service assertion failure and named exit. The vulnerability uses unknown vectors related to recursive DNS queries, error logging, and the caching of an invalid record by the resolver. Th...
K33015954: Linux kernel vulnerability CVE-2019-3882
Security Advisory Description A flaw was found in the Linux kernel's vfio interface implementation that permits violation of the user's locked memory limit. If a device is bound to a vfio driver, such as vfio-pci, and the local attacker is administratively granted ownership of the device, it may...
K16427: Linux kernel vulnerability CVE-2013-7421
Security Advisory Description The Crypto API in the Linux kernel before 3.18.5 allows local users to load arbitrary kernel modules via a bind system call for an AFALG socket with a module name in the salgname field, a different vulnerability than CVE-2014-9644. CVE-2013-7421 Impact There is no...
K38271531: BIG-IP and BIG-IQ SCP vulnerability CVE-2022-26340
Security Advisory Description An authenticated, high-privileged attacker with no bash access may be able to access Certificate and Key files using Secure Copy SCP protocol from a remote system. CVE-2022-26340 Impact This vulnerability may allow an authenticated, high-privileged attacker who has...
K40048447: Linux kernel vulnerability CVE-2017-18202
Security Advisory Description The oomreaptaskmm function in mm/oomkill.c in the Linux kernel before 4.14.4 mishandles gather operations, which allows attackers to cause a denial of service TLB entry leak or use-after-free or possibly have unspecified other impact by triggering a copytouser call...
K92862401: libpcap vulnerability CVE-2019-15163
Security Advisory Description rpcapd/daemon.c in libpcap before 1.9.1 allows attackers to cause a denial of service NULL pointer dereference and daemon crash if a crypt call fails. CVE-2019-15163 Impact A local attacker may be able to cause a denial of service DoS. Security Advisory Status F5...
K82205554: Multiple MySQL vulnerabilities
Security Advisory Description CVE-2016-0652 Unspecified vulnerability in Oracle MySQL 5.7.10 and earlier allows local users to affect availability via vectors related to DML." CVE-2016-0656 Unspecified vulnerability in Oracle MySQL 5.7.10 and earlier allows local users to affect availability via...
K76930736: Libpng vulnerability CVE-2015-8126
Security Advisory Description Multiple buffer overflows in the 1 pngsetPLTE and 2 pnggetPLTE functions in libpng before 1.0.64, 1.1.x and 1.2.x before 1.2.54, 1.3.x and 1.4.x before 1.4.17, 1.5.x before 1.5.24, and 1.6.x before 1.6.19 allow remote attackers to cause a denial of service applicatio...
K05937379: libxml2 vulnerability CVE-2016-1837
Security Advisory Description Multiple use-after-free vulnerabilities in the 1 htmlPArsePubidLiteral and 2 htmlParseSystemiteral functions in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allow remote attackers to cause ...
K02215905: Wireshark vulnerabilities CVE-2018-16056, CVE-2018-16057, and CVE-2018-16058
Security Advisory Description CVE-2018-16056 In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Bluetooth Attribute Protocol dissector could crash. This was addressed in epan/dissectors/packet-btatt.c by verifying that a dissector for a specific UUID exists. CVE-2018-16057 In...
K30340506: Intel Multiple CPU vulnerabilities CVE-2020-8738,CVE-2020-8739,CVE-2020-8740,CVE-2020-8764
Security Advisory Description CVE-2020-8738 Improper conditions check in Intel BIOS platform sample code for some IntelR Processors before may allow a privileged user to potentially enable escalation of privilege via local access. CVE-2020-8739 Use of potentially dangerous function in Intel BIOS...
K44834280: Multiple Treck vulnerabilities CVE-2020-25066, CVE-2020-27336, CVE-2020-27337, and CVE-2020-27338
Security Advisory Description CVE-2020-25066 A heap-based buffer overflow in the Treck HTTP Server component before 6.0.1.68 allows remote attackers to cause a denial of service crash/reset or to possibly execute arbitrary code. CVE-2020-27336 An issue was discovered in Treck IPv6 before 6.0.1.68...
K73659122: GPU vulnerabilities CVE-2019-0154 and CVE-2019-0155
Security Advisory Description CVE-2019-0154 Insufficient access control in subsystem for Intel R processor graphics in 6th, 7th, 8th and 9th Generation IntelR CoreTM Processor Families; IntelR PentiumR Processor J, N, Silver and Gold Series; IntelR CeleronR Processor J, N, G3900 and G4900 Series;...
K41142448: QEMU vulnerability CVE-2020-27617
Security Advisory Description ethgetgsotype in net/eth.c in QEMU 4.2.1 allows guest OS users to trigger an assertion failure. A guest can crash the QEMU process via packet data that lacks a valid Layer 3 protocol. CVE-2020-27617 Impact BIG-IP This flaw allows a guest user to cause the QEMU proces...
K19533600: SQLite Vulnerability CVE-2019-13734
Security Advisory Description Out of bounds write in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. CVE-2019-13734 Impact There is no impact; F5 products are not affected by this vulnerability. Security...
K16990: zlib 1.2.2 vulnerability CVE-2005-1849
Security Advisory Description inftrees.h in zlib 1.2.2 allows remote attackers to cause a denial of service application crash via an invalid file that causes a large dynamic tree to be produced. CVE-2005-1849 Impact None. F5 products are not affected by this vulnerability. Security Advisory Statu...
K16920: OpenSSL vulnerability CVE-2014-8176
Security Advisory Description The dtls1clearqueues function in ssl/d1lib.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h frees data structures without considering that application data can arrive between a ChangeCipherSpec message and a Finished message, which allows...
K17237: Linux kernel vulnerability CVE-2014-7822
Security Advisory Description The implementation of certain splicewrite file operations in the Linux kernel before 3.16 does not enforce a restriction on the maximum size of a single file, which allows local users to cause a denial of service system crash or possibly have unspecified other impact...
K15417: OpenSSL vulnerability CVE-2012-0050
Security Advisory Description Description OpenSSL 0.9.8s and 1.0.0f does not properly support DTLS applications, which allows remote attackers to cause a denial of service crash via unspecified vectors related to an out-of-bounds read. NOTE: this vulnerability exists because of an incorrect fix f...
K5860: GSSAPI authentication vulnerability in OpenSSH - CAN-2005-2798
Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...
K59298921: OpenSSL vulnerability CVE-2016-2181
Security Advisory Description The Anti-Replay feature in the DTLS implementation in OpenSSL before 1.1.0 mishandles early use of a new epoch number in conjunction with a large sequence number, which allows remote attackers to cause a denial of service false-positive packet drops via spoofed DTLS...
K04362926: BIOS SMM privilege escalation vulnerability CVE-2015-0949
Security Advisory Description The System Management Mode SMM implementation in Dell Latitude E6430 BIOS Revision A09, HP EliteBook 850 G1 BIOS revision L71 Ver. 01.09, and possibly other BIOS implementations does not ensure that function calls operate on SMRAM memory locations, which allows local...
K31372672: Mozilla NSS vulnerabilities CVE-2015-7181, CVE-2015-7182, and CVE-2015-7183
Security Advisory Description CVE-2015-7181 The secasn1dparseleaf function in Mozilla Network Security Services NSS before 3.19.2.1 and 3.20.x before 3.20.1, as used in Firefox before 42.0 and Firefox ESR 38.x before 38.4 and other products, improperly restricts access to an unspecified data...
K47145213: OpenSSL vulnerability CVE-2016-2176
Security Advisory Description The X509NAMEoneline function in crypto/x509/x509obj.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to obtain sensitive information from process stack memory or cause a denial of service buffer over-read via crafted EBCDIC ASN.1 data...
K37510383: Linux kernel SCTP vulnerability CVE-2015-5283
Security Advisory Description The sctpinit function in net/sctp/protocol.c in the Linux kernel before 4.2.3 has an incorrect sequence of protocol-initialization steps, which allows local users to cause a denial of service panic or memory corruption by creating SCTP sockets before all of the steps...
K57500018: ISC DHCP 4.x vulnerability CVE-2015-8605
Security Advisory Description ISC DHCP 4.x before 4.1-ESV-R12-P1 and 4.2.x and 4.3.x before 4.3.3-P1 allows remote attackers to cause a denial of service application crash via an invalid length field in a UDP IPv4 packet. CVE-2015-8605 Impact A remote attacker may be able to cause a Dynamic Host...
SOL15031791 - Samba vulnerability CVE-2015-5330
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL39272405 - OpenSSL vulnerability CVE-2016-7052
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL07112184 - HHVM vulnerability CVE-2016-1000109
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL30714460 - OpenSSL vulnerability CVE-2015-3193
Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4918: Overview of the F5 critical issue hotfix policy...
SOL05200155 - Multiple Java vulnerabilities
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL17527 - NTP vulnerability CVE-2015-7705
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL17381 - OpenJDK vulnerability CVE-2014-0428
Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5 critical issue...
SOL16494 - phpMyAdmin vulnerability CVE-2015-2206
Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version...
SOL16473 - Linux Kernel vulnerability CVE-2010-0007
Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can...
SOL16347 - Linux file utility vulnerabilities CVE-2014-8116 and CVE-2014-8117
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL16343 - OpenLDAP vulnerabilities CVE-2015-1545 and CVE-2015-1546
Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5 critical issue...