6413 matches found
K15547: MIT Kerberos 5 vulnerability CVE-2014-4342
Security Advisory Description MIT Kerberos 5 aka krb5 1.7.x through 1.12.x before 1.12.2 allows remote attackers to cause a denial of service buffer over-read or NULL pointer dereference, and application crash by injecting invalid tokens into a GSSAPI application session. CVE-2014-4342 Impact A...
K73459626: Linux kernel vulnerability CVE-2021-3506
Security Advisory Description An out-of-bounds OOB memory access flaw was found in fs/f2fs/node.c in the f2fs module in the Linux kernel in versions before 5.12.0-rc4. A bounds check failure allows a local attacker to gain access to out-of-bounds memory leading to a system crash or a leak of...
K16302: OpenSSL vulnerability CVE-2015-0292
Security Advisory Description Integer underflow in the EVPDecodeUpdate function in crypto/evp/encode.c in the base64-decoding implementation in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h allows remote attackers to cause a denial of service memory corruption or possibly...
K16704: cURL and libcurl vulnerability CVE-2015-3143
Security Advisory Description cURL and libcurl 7.10.6 through 7.41.0 does not properly re-use NTLM connections, which allows remote attackers to connect as other users via an unauthenticated request, a similar issue to CVE-2014-0015. CVE-2015-3143 Impact Remote attackers may be able to reuse NTLM...
K16714: PHP vulnerabilities CVE-2015-2301 and CVE-2015-2331
Security Advisory Description CVE-2015-2301 Use-after-free vulnerability in the pharrenamearchive function in pharobject.c in PHP before 5.5.22 and 5.6.x before 5.6.6 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an attempt...
K12851: BIND vulnerability CVE-2010-3613
Security Advisory Description Note : For information about signing up to receive security notice updates from F5, refer to K9970: Subscribe to email notifications regarding F5 products and security announcements. Note : Versions that are not listed in this article have not been evaluated for...
K84602160: Linux kernel vulnerability CVE-2021-3491
Security Advisory Description The iouring subsystem in the Linux kernel allowed the MAXRWCOUNT limit to be bypassed in the PROVIDEBUFFERS operation, which led to negative values being usedin memrw when reading /proc//mem. This could be used to create a heap overflow leading to arbitrary code...
K40524634: OpenSSL vulnerability CVE-2016-0797
Security Advisory Description Multiple integer overflows in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g allow remote attackers to cause a denial of service heap memory corruption or NULL pointer dereference or possibly have unspecified other impact via a long digit string that is mishandl...
K14340611: Java vulnerability CVE-2013-5782
Security Advisory Description Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality,...
K13405416: QEMU vulnerability CVE-2012-3515
Security Advisory Description Qemu, as used in Xen 4.0, 4.1 and possibly other products, when emulating certain devices with a virtual console backend, allows local OS guest users to gain privileges via a crafted escape VT100 sequence that triggers the overwrite of a "device model's address space...
K000132267: BIND vulnerability CVE-2022-3736
Security Advisory Description BIND 9 resolver can crash when stale cache and stale answers are enabled, option stale-answer-client-timeout is set to a positive integer, and the resolver receives an RRSIG query. This issue affects BIND 9 versions 9.16.12 through 9.16.36, 9.18.0 through 9.18.10,...
K34035645: Multiple Wireshark vulnerabilities
Security Advisory Description CVE-2018-7320 In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the SIGCOMP protocol dissector could crash. This was addressed in epan/dissectors/packet-sigcomp.c by validating operand offsets. CVE-2018-7321 In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12,...
K74114570: BIG-IP APM webtop vulnerability CVE-2018-15334
A cross-site request forgery CSRF vulnerability in the APM webtop, may allow attacker to force an APM webtop session to log out and require re-authentication. CVE-2018-15334 Impact A remote attacker may be able to force a BIG-IP APM webtop session to log out and require reauthentication. Security...
K48351130: Linux kernel vulnerability CVE-2019-16714
Security Advisory Description In the Linux kernel before 5.2.14, rds6incinfocopy in net/rds/recv.c allows attackers to obtain sensitive information from kernel stack memory because tos and flags fields are not initialized. CVE-2019-16714 Impact This vulnerability may allow attackers to obtain...
SOL10280318 - Zend Framework vulnerability CVE-2016-6233
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL06493172 - glibc vulnerability CVE-2016-3706
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL33285044 - Oracle Java SE vulnerability CVE-2016-0695
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL53313971 - Samba vulnerabilities CVE-2016-2110 and CVE-2016-2115
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL47133310 - Samba vulnerability CVE-2016-2112
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL23822215 - glibc calloc vulnerability CVE-2015-5229
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL93445609 - phpMyAdmin vulnerabilities
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL90230486 - Linux kernel vulnerability CVE-2015-7613
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL66871452 - PowerDNS vulnerability CVE-2015-5311
PowerDNS aka pdns Authoritative Server 3.4.4 before 3.4.7 allows remote attackers to cause a denial of service assertion failure and server crash via crafted query packets. CVE-2015-5311...
SOL17453 - Subversion vulnerabilities CVE-2015-0248, CVE-2015-0251, and CVE-2015-3187
Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5 critical issue...
SOL16878 - PAM vulnerabilities CVE-2011-3148 and CVE-2011-3149
Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL995...
SOL16875 - file vulnerability CVE-2012-1571
file before 5.11 and libmagic allow remote attackers to cause a denial of service crash via a crafted Composite Document File CDF file that triggers 1 an out-of-bounds read or 2 an invalid pointer dereference. CVE-2012-1571...
SOL16596 - Privilege escalation vulnerability CVE-2014-3215
Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL995...
SOL16342 - GNU C Library (glibc) vulnerability CVE-2012-6656
Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version...
SOL16025 - Linux kernel SCTP vulnerability CVE-2014-3688
Vulnerability Recommended Actions If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not...
SOL15567 - OpenSSL vulnerability CVE-2014-5139
Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the table does not list any version in the column, then no upgrade candidate currently exists. To mitigate this...
SOL15553 - Kerberos vulnerability CVE-2014-4343
Vulnerability Recommended Actions If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not...
SOL15461 - OpenSSL vulnerability CVE-2011-4619
Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the table does not list any version in the column, then no upgrade candidate currently exists. Note: SGC...
SOL15427 - OpenSSL vulnerability CVE-2011-4354
Recommended action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents. SOL4602: Overview of the F5 security vulnerability response policy...
SOL15345 - GnuTLS vulnerability CVE-2014-3466
Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents. SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5 critical issue...
SOL14138 - XML External Entity Injection (XXE) from authenticated source vulnerability CVE-2012-2997
Vulnerability Recommended Actions To eliminate this vulnerability, upgrade to a version that is listed in the Versions known to be not vulnerable column. Acknowledgements F5 would like to acknowledge SEC Consult Vulnerability Lab for bringing this issue to our attention, and for following the...
SOL8406 - The BIG-IP ASM web management interface cross-site scripting vulnerability CVE-2008-0539
The F5 BIG-IP ASM web management interface contains a cross-site scripting vulnerability in the Security Report function. The vulnerability is within the BIG-IP ASM portion of the Configuration utility and can be accessed successfully only if the browser user is authenticated and the BIG-IP ASM...
SOL8178 - MySQL vulnerabilities CVE-2007-5925, CVE-2007-5969, and CVE-2007-6303
Information about these advisories is available at the following locations: An authenticated user who can issue SQL commands could crash the database server. A malicious user with filesystem access could cause data loss on the filesystem. VIEW definition updates do not occur correctly, allowing a...
SOL8108 - OpenSSL vulnerability CVE-2007-3108
F5 Product Development has determined that the BIG-IP and Enterprise Manager products use a vulnerable version of OpenSSL; however, the vulnerable code is not used in either TMM or in Apache on the BIG-IP system. The vulnerability is considered to be a local vulnerability and cannot be exploited...
SOL7544 - Full-width and half-width Unicode encoded data bypasses IDS/IPS security controls, VU #739224
Unicode is a system for encoding characters of a character set, which is used in networked applications. IDS/IPS or other security devices may fail to decode and recognize the characters that represent an attack if encoded in Unicode, and pass the characters to a target device. If the target devi...
K000161639: Apache HTTP Server mod_http2 (HTTP/2 Bomb) vulnerability CVE-2026-49975
Security Advisory Description Memory Allocation with Excessive Size Value vulnerability in Apache HTTP Server's modhttp leads to denial of service via malicious HTTP requests. This issue affects Apache HTTP Server: from 2.4.17 through 2.4.67. CVE-2026-49975 Impact For products with None in the...
K000161578: Linux kernel vulnerability CVE-2025-38085
Security Advisory Description In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix hugepmdunshare vs GUP-fast race hugepmdunshare drops a reference on a page table that may have previously been shared across processes, potentially turning it into a normal page table...
K000140961: libarchive vulnerability CVE-2021-23177
Security Advisory Description An improper link resolution flaw while extracting an archive can lead to changing the access control list ACL of the target of the link. An attacker may provide a malicious archive to a victim user, who would trigger this flaw when trying to extract the archive. A...
K000140908: MySQL Server vulnerability CVE-2024-21134
Security Advisory Description Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Connection Handling. Supported versions that are affected are 8.0.37 and prior and 8.4.0 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via...
K000140735: Oracle MySQL vulnerabilities CVE-2024-21160, CVE-2024-21162, and CVE-2024-21173
Security Advisory Description Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.36 and prior and 8.3.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to...
K000140399: MySQL vulnerabilities CVE-2024-21130, CVE-2024-21142, CVE-2024-21166, and CVE-2024-21185
Security Advisory Description CVE-2024-21130 Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.37 and prior and 8.4.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access...
K000139859: Envoy vulnerability CVE-2024-30255
Security Advisory Description Envoy is a cloud-native, open source edge and service proxy. The HTTP/2 protocol stack in Envoy versions prior to 1.29.3, 1.28.2, 1.27.4, and 1.26.8 are vulnerable to CPU exhaustion due to flood of CONTINUATION frames. Envoy's HTTP/2 codec allows the client to send a...
K000139637: Expat vulnerability CVE-2024-28757
Security Advisory Description libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use of external parsers created via XMLExternalEntityParserCreate. CVE-2024-28757 Impact An attacker may be able to use an XML Entity Expansion attack, consuming all system resources...
K000139037: TMM vulnerability CVE-2024-25560
Security Advisory Description When a DNS profile is applied to a virtual server, undisclosed DNS traffic can cause the Traffic Management Microkernel TMM to terminate. CVE-2024-25560 Impact Traffic is disrupted while the TMM process restarts. This vulnerability allows a remote unauthenticated...
K000139489: PostgreSQL JDBC Driver vulnerability CVE-2024-1597
Security Advisory Description pgjdbc, the PostgreSQL JDBC Driver, allows attacker to inject SQL if using PreferQueryMode=SIMPLE. Note this is not the default. In the default mode there is no vulnerability. A placeholder for a numeric value must be immediately preceded by a minus. There must be a...
K000139140: util-linux vulnerability CVE-2024-28085
Security Advisory Description wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not...