6413 matches found
K92071148: Server component of Oracle MySQL vulnerabilities CVE-2016-8318, CVE-2017-3291, CVE-2017-3312, CVE-2017-3313, and CVE-2017-3320
Security Advisory Description CVE-2016-8318 Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Security: Encryption. Supported versions that are affected are 5.6.34 and earlier and 5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker...
K37283878: Intel I210 network adapter vulnerability CVE-2020-0522
Security Advisory Description Improper initialization in the firmware for the IntelR Ethernet I210 Controller series of network adapters before version 3.30 may allow a privileged user to potentially enable denial of service via local access. CVE-2020-0522 Impact The BIG-IP management network por...
K29203191: Linux kernel vulnerability CVE-2019-10220
Security Advisory Description Linux kernel CIFS implementation, version 4.9.0 is vulnerable to a relative paths injection in directory entry lists. CVE-2019-10220 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Product Development has...
K35340595: Kerberos vulnerability CVE-2016-3120
Security Advisory Description The validateasrequest function in kdcutil.c in the Key Distribution Center KDC in MIT Kerberos 5 aka krb5 before 1.13.6 and 1.4.x before 1.14.3, when restrictanonymoustotgt is enabled, uses an incorrect client data structure, which allows remote authenticated users t...
K42266856: DHCP vulnerability CVE-2017-3144
Security Advisory Description A vulnerability stemming from failure to properly clean up closed OMAPI connections can lead to exhaustion of the pool of socket descriptors available to the DHCP server. Affects ISC DHCP 4.1.0 to 4.1-ESV-R15, 4.2.0 to 4.2.8, 4.3.0 to 4.3.6. Older versions may also b...
K95345942: Linux kernel vulnerability CVE-2015-3339
Security Advisory Description Race condition in the preparebinprm function in fs/exec.c in the Linux kernel before 3.19.6 allows local users to gain privileges by executing a setuid program at a time instant when a chown to root is in progress, and the ownership is changed but the setuid bit is n...
K20145801: Mozilla NSS vulnerability CVE-2016-1979
Security Advisory Description Use-after-free vulnerability in the PK11ImportDERPrivateKeyInfoAndReturnKey function in Mozilla Network Security Services NSS before 3.21.1, as used in Mozilla Firefox before 45.0, allows remote attackers to cause a denial of service or possibly have unspecified othe...
K12876166: Linux kernel vulnerability CVE-2019-12817
Security Advisory Description arch/powerpc/mm/mmucontextbook3s64.c in the Linux kernel before 5.1.15 for powerpc has a bug where unrelated processes may be able to read/write to one another's virtual memory under certain conditions via an mmap above 512 TB. Only a subset of powerpc systems are...
K93048305: Linux kernel vulnerability CVE-2021-20268
Security Advisory Description An out-of-bounds access flaw was found in the Linux kernel's implementation of the eBPF code verifier in the way a user running the eBPF script calls devmapinitmap or sockmapalloc. This flaw allows a local user to crash the system or possibly escalate their privilege...
K8918: Linux kernel vulnerability CVE-2007-3851
Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...
K15955144: Mozilla NSS vulnerability CVE-2015-2730
Security Advisory Description Mozilla Network Security Services NSS before 3.19.1, as used in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and other products, does not properly perform Elliptical Curve Cryptography ECC multiplications, which makes it easier for...
K23641249: KVM hypervisor vulnerability CVE-2020-2732
Security Advisory Description A flaw was discovered in the way that the KVM hypervisor handled instruction emulation for an L2 guest when nested virtualisation is enabled. Under some circumstances, an L2 guest may trick the L0 guest into accessing sensitive L1 resources that should be inaccessibl...
K15732: Linux kernel vulnerability CVE-2013-0311
Security Advisory Description Description The translatedesc function in drivers/vhost/vhost.c in the Linux kernel before 3.7 does not properly handle cross-region descriptors, which allows guest OS users to obtain host OS privileges by leveraging Kernel-base Virtual Machine KVM guest OS privilege...
K63675293: NTP vulnerability CVE-2016-1548
Security Advisory Description An attacker can spoof a packet from a legitimate ntpd server with an origin timestamp that matches the peer-dst timestamp recorded for that server. After making this switch, the client in NTP 4.2.8p4 and earlier and NTPSec aa48d001683e5b791a743ec9c575aaf7d867a2b0c wi...
K17449: Apache Struts 2 vulnerability CVE-2015-5169
Security Advisory Description Cross-site scripting XSS vulnerability in Apache Struts before 2.3.20. CVE-2015-5169 When debug mode is switched on in Apache Struts, under certain conditions, an arbitrary script may be executed in the 'Problem Report' screen. Affected versions are Struts 2.0.0 -...
K16983: PCRE library vulnerability CVE-2015-2325
Security Advisory Description PCRE library is prone to a heap overflow vulnerability. Due to insufficient bounds checking inside compilebranch, the heap memory could be overflowed via a crafted regular expression. Since PCRE library is widely used, this vulnerability should affect many applicatio...
K4532: gzip vulnerabilities CAN-2005-0758, CAN-2005-0988, and CAN-2005-1228
Security Advisory Description Note: Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F5...
K11270891: Multiple Intel Linux Wi-Fi Drivers vulnerabilities CVE-2020-12313, CVE-2020-12317, CVE-2020-12319, CVE-2017-13080
Security Advisory Description CVE-2020-12313 Insufficient control flow management in some IntelR PROSet/Wireless WiFi products before version 21.110 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access. CVE-2020-12317 Improper buffer restriction in...
K75952001: QEMU vulnerability CVE-2019-15890
Security Advisory Description libslirp 4.0.0, as used in QEMU 4.1.0, has a use-after-free in ipreass in ipinput.c. CVE-2019-15890 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Product Development has evaluated the currently supported...
K24715544: MySQL vulnerabilities CVE-2018-2591, CVE-2018-2600, CVE-2018-2612, CVE-2018-2622, and CVE-2018-2640
Security Advisory Description CVE-2018-2591 Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server : Partition. Supported versions that are affected are 5.6.38 and prior and 5.7.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network...
K15535113: MySQL vulnerability CVE-2016-5632
Security Advisory Description Unspecified vulnerability in Oracle MySQL 5.7.14 and earlier allows remote administrators to affect availability via vectors related to Server: Optimizer. CVE-2016-5632 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory...
K52285493: Multiple Intel CPU vulnerabilities
Security Advisory Description CVE-2020-8670 Race condition in the firmware for some IntelR Processors may allow a privileged user to potentially enable escalation of privilege via local access. CVE-2020-8700 Improper input validation in the firmware for some IntelR Processors may allow a privileg...
K15082: OpenSSH vulnerability CVE-2010-4755
Security Advisory Description The 1 remoteglob function in sftp-glob.c and the 2 processput function in sftp.c in OpenSSH 5.8 and earlier, as used in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, OpenBSD 4.7, and other products, allow remote authenticated users to cause a denial of service CPU and memory...
K17307: Linux kernel vulnerability CVE-2015-5364
Security Advisory Description The 1 udprecvmsg and 2 udpv6recvmsg functions in the Linux kernel before 4.0.6 do not properly consider yielding a processor, which allows remote attackers to cause a denial of service system hang via incorrect checksums within a UDP packet flood. CVE-2015-5364 Impac...
K10321239: Intel CPU vulnerability CVE-2019-11157
Security Advisory Description Improper conditions check in voltage settings for some IntelR Processors may allow an authenticated user to potentially enable escalation of privilege and/or information disclosure via local access. CVE-2019-11157 Impact There is no impact; F5 products are not affect...
K23033557: Intel software vulnerabilities CVE-2020-8746, CVE-2020-8747, CVE-2020-8749, CVE-2020-8752, CVE-2020-8753
Security Advisory Description CVE-2020-8746 Integer overflow in subsystem for IntelR AMT versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may allow an unauthenticated user to potentially enable denial of service via adjacent access. CVE-2020-8747 Out-of-bounds read in subsystem fo...
K89002224: PHP vulnerability CVE-2016-7127
Security Advisory Description The imagegammacorrect function in ext/gd/gd.c in PHP before 5.6.25 and 7.x before 7.0.10 does not properly validate gamma values, which allows remote attackers to cause a denial of service out-of-bounds write or possibly have unspecified other impact by providing...
K34450231: TLS 1.3 vulnerability CVE-2019-6659
Security Advisory Description BIG-IP virtual servers with TLS 1.3 enabled may experience a denial-of-service DoS due to undisclosed incoming messages. CVE-2019-6659 Impact BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator Undisclosed...
K16213320: Python Pillow vulnerabilities CVE-2020-5312 and CVE-2020-5313
Security Advisory Description CVE-2020-5312 libImaging/PcxDecode.c in Pillow before 6.2.2 has a PCX P mode buffer overflow. CVE-2020-5313 libImaging/FliDecode.c in Pillow before 6.2.2 has an FLI buffer overflow. Impact There is no impact; F5 products are not affected by this vulnerability. Securi...
K01251345: OpenSSL vulnerability CVE-2020-1967
Security Advisory Description Server or client applications that call the SSLcheckchain function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a result of incorrect handling of the "signaturealgorithmscert" TLS extension. The crash occurs if an invalid or...
K15792: Path MTU discovery vulnerability CVE-2004-1060
Security Advisory Description Multiple TCP/IP and ICMP implementations, when using Path MTU PMTU discovery PMTUD, allow remote attackers to cause a denial of service network throughput reduction for TCP connections via forged ICMP "Fragmentation Needed and Don't Fragment was Set" packets with a l...
K16011: Linux kernel vulnerability CVE-2012-6657
Security Advisory Description The socksetsockopt function in net/core/sock.c in the Linux kernel before 3.5.7 does not ensure that a keepalive action is associated with a stream socket, which allows local users to cause a denial of service system crash by leveraging the ability to create a raw...
K60104355: Linux kernel vulnerability CVE-2017-5970
Security Advisory Description The ipv4pktinfoprepare function in net/ipv4/ipsockglue.c in the Linux kernel through 4.9.9 allows attackers to cause a denial of service system crash via 1 an application that makes crafted system calls or possibly 2 IPv4 traffic with invalid IP options. CVE-2017-597...
K16914: OpenSSL vulnerability CVE-2015-1791
Security Advisory Description Race condition in the ssl3getnewsessionticket function in ssl/s3clnt.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b, when used for a multi-threaded client, allows remote attackers to cause a denial of service double fre...
K52638558: RESOLV::lookup iRule command vulnerability CVE-2016-6876
Security Advisory Description A specially crafted reply to DNS queries from RESOLV::lookup may consume excess system resources or possibly lead to a crash and failover. CVE-2016-6876 Impact The BIG-IP system may consume excess system resources, or experience a Traffic Management Microkernel TMM...
K11426315: BIND vulnerability CVE-2021-25214
Security Advisory Description In BIND 9.8.5 - 9.8.8, 9.9.3 - 9.11.29, 9.12.0 - 9.16.13, and versions BIND 9.9.3-S1 - 9.11.29-S1 and 9.16.8-S1 - 9.16.13-S1 of BIND 9 Supported Preview Edition, as well as release versions 9.17.0 - 9.17.11 of the BIND 9.17 development branch, when a vulnerable versi...
K19707805: glibc vulnerability CVE-2017-15804
Security Advisory Description The glob function in glob.c in the GNU C Library aka glibc or libc6 before 2.27 contains a buffer overflow during unescaping of user names with the operator. CVE-2017-15804 Impact BIG-IP, BIG-IQ, F5 iWorkflow, Enterprise Manager, LineRate, and ARX There is no impact;...
K02219239: PCRE vulnerability CVE-2020-14155
Security Advisory Description libpcre in PCRE before 8.44 allows an integer overflow via a large number after a ?C substring. CVE-2020-14155 Impact An attacker may be able cause an integer overflow that negatively impacts applications. Security Advisory Status F5 Product Development has assigned ...
K02212309: MySQL vulnerabilities CVE-2018-2755, CVE-2018-2758, CVE-2018-2759, CVE-2018-2761, and CVE-2018-2762
Security Advisory Description CVE-2018-2755 Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Replication. Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows unauthenticated...
K01153535: BIG-IP AWS vulnerability CVE-2021-23051
Security Advisory Description When the Data Plane Development Kit DPDK/Elastic Network Adapter ENA driver is used with BIG-IP on Amazon Web Services AWS systems, undisclosed requests can cause the Traffic Management Microkernel TMM to terminate. This is due to an incomplete fix for CVE-2020-5862...
K32562850: jackson-databind vulnerabilities CVE-2019-16943 and CVE-2019-17531
Security Advisory Description CVE-2019-16943 A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled either globally or for a specific property for an externally exposed JSON endpoint and the service has the p6spy 3.8.6 jar in t...
K52833764: OpenSSL vulnerability CVE-2021-23841
Security Advisory Description The OpenSSL public API function X509issuerandserialhash attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it fails to correctly handle any errors that may occur while parsing the issuer fie...
K82747025: GraphicsMagick vulnerability CVE-2016-5118
Security Advisory Description The OpenBlob function in blob.c in GraphicsMagick before 1.3.24 and ImageMagick allows remote attackers to execute arbitrary code via a | pipe character at the start of a filename. CVE-2016-5118 Impact A remote attacker may be able to execute arbitrary code on the...
K17256: D-Bus vulnerability CVE-2014-3638
Security Advisory Description The busconnectionscheckreply function in config-parser.c in D-Bus before 1.6.24 and 1.8.x before 1.8.8 allows local users to cause a denial of service CPU consumption via a large number of method calls. CVE-2014-3638 Impact A locally authenticated user may be able to...
K16939: Multiple Wireshark vulnerabilities
Security Advisory Description Description CVE-2014-6421 Use-after-free vulnerability in the SDP dissector in Wireshark 1.10.x before 1.10.10 allows remote attackers to cause a denial of service application crash via a crafted packet that leverages split memory ownership between the SDP and RTP...
K6734: Local OpenSSL vulnerabilities VU#547300 and VU#386964, CAN-2006-3738, CAN-2006-2940, CAN-2006-2937, CAN-2006-4343
Security Advisory Description Note : For information about signing up to receive security notice updates from F5, refer to K9970: Subscribe to email notifications regarding F5 products and security announcements. Note : Versions that are not listed in this article have not been evaluated for...
K40540405: Linux kernel vulnerability CVE-2018-10675
Security Advisory Description The dogetmempolicy function in mm/mempolicy.c in the Linux kernel before 4.12.9 allows local users to cause a denial of service use-after-free or possibly have unspecified other impact via crafted system calls. CVE-2018-10675 Impact A local attacker can cause a...
K75934136: Linux kernel vulnerability CVE-2020-36313
Security Advisory Description An issue was discovered in the Linux kernel before 5.7. The KVM subsystem allows out-of-range access to memslots after a deletion, aka CID-0774a964ef56. This affects arch/s390/kvm/kvm-s390.c, include/linux/kvmhost.h, and virt/kvm/kvmmain.c. CVE-2020-36313 Impact Ther...
K09040132: libgcrypt vulnerability CVE-2016-6313
Security Advisory Description The mixing functions in the random number generator in Libgcrypt before 1.5.6, 1.6.x before 1.6.6, and 1.7.x before 1.7.3 and GnuPG before 1.4.21 make it easier for attackers to obtain the values of 160 bits by leveraging knowledge of the previous 4640 bits...
K71926235: libxml2 vulnerability CVE-2016-1838
Security Advisory Description The xmlPArserPrintFileContextInternal function in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allows remote attackers to cause a denial of service heap-based buffer over-read via a crafted...