6413 matches found
K000138508: mod_ssl vulnerability CVE-2004-0700
Security Advisory Description Format string vulnerability in the modproxy hook functions function in sslenginelog.c in modssl before 2.8.19 for Apache before 1.3.31 may allow remote attackers to execute arbitrary messages via format string specifiers in certain log messages for HTTPS that are...
K000138198: OpenSSL vulnerability CVE-2023-6129
Security Advisory Description Issue summary: The POLY1305 MAC message authentication code implementation contains a bug that might corrupt the internal state of applications running on PowerPC CPU based platforms if the CPU provides vector instructions. Impact summary: If an attacker can influenc...
K000137702: Apache vulnerability CVE-2022-25147
Security Advisory Description Integer Overflow or Wraparound vulnerability in aprbase64 functions of Apache Portable Runtime Utility APR-util allows an attacker to write beyond bounds of a buffer. This issue affects Apache Portable Runtime Utility APR-util 1.6.1 and prior versions. CVE-2022-25147...
K000137257: cURL vulnerabilities CVE-2023-38545
Security Advisory Description This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake. When curl is asked to pass along the host name to the SOCKS5 proxy to allow that to resolve the address instead of it getting done by curl itself, the maximum length that host name can b...
K000137229: BIND vulnerability CVE-2022-38178
Security Advisory Description By spoofing the target resolver with responses that have a malformed EdDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources. CVE-2022-38178 Impact DNS...
K000133615: device-mapper-multipath vulnerability CVE-2022-41974
Security Advisory Description multipath-tools 0.7.0 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited alone or in conjunction with CVE-2022-41973. Local users able to write to UNIX domain sockets can bypass access controls and manipulate the multipath setup. This c...
K000133694: MySQL vulnerabilities CVE-2023-21929, CVE-2023-21976, and CVE-2023-21980
Security Advisory Description CVE-2023-21929 Vulnerability in the MySQL Server product of Oracle MySQL component: Server: DDL. Supported versions that are affected are 8.0.32 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to...
K000133070: Freetype vulnerability CVE-2020-15999
Security Advisory Description Freetype: Heap-based buffer overflow due to integer truncation in LoadSBitPng. CVE-2020-15999 Impact Certain library in F5OS requires the use of the vulnerable component. However, there is no known way to exploit this vulnerability on F5OS in default, standard, or...
K000132943: OpenSSL vulnerability CVE-2022-4304
Security Advisory Description A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. To achieve a successful decryption an attacker would have to be able to send a very lar...
K42027747: BIG-IP SNMP vulnerability CVE-2018-15328
Security Advisory Description The passphrases for SNMPv3 users and trap destinations that are used for authentication and privacy are not handled by the BIG-IP system Secure Vault feature; they are written in the clear to the various configuration files. CVE-2018-15328 Note : The BIG-IP system...
K45616155: Nettle vulnerability CVE-2018-16869
Security Advisory Description A Bleichenbacher type side-channel based padding oracle attack was found in the way nettle handles endian conversion of RSA decrypted PKCS1 v1.5 data. An attacker who is able to run a process on the same physical core as the victim process, could use this flaw extrac...
K43546166: glibc vulnerability CVE-2017-16997
Security Advisory Description elf/dl-load.c in the GNU C Library aka glibc or libc6 2.19 through 2.26 mishandles RPATH and RUNPATH containing $ORIGIN for a privileged setuid or ATSECURE program, which allows local users to gain privileges via a Trojan horse library in the current working director...
K11932200: glibc vulnerability CVE-2019-1010023
Security Advisory Description GNU Libc current is affected by: Re-mapping current loaded libray with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ld...
K75248350: QEMU vulnerability CVE-2016-1714
Security Advisory Description The 1 fwcfgwrite and 2 fwcfgread functions in hw/nvram/fwcfg.c in QEMU before 2.4, when built with the Firmware Configuration device emulation support, allow guest OS users with the CAPSYSRAWIO privilege to cause a denial of service out-of-bounds read or write access...
K55225440: BIG-IP SOCKS proxy vulnerability CVE-2017-6148
Security Advisory Description Responses to SOCKS proxy requests made through the BIG-IP system may cause a disruption of service provided by the Traffic Management Microkernel TMM. The data plane is impacted and exposed only when a SOCKS proxy profile is attached to a virtual server. The control...
K59448931: BIND vulnerability CVE-2017-3142
Security Advisory Description An attacker who is able to send and receive messages to an authoritative DNS server and who has knowledge of a valid TSIG key name may be able to circumvent TSIG authentication of AXFR requests via a carefully constructed request packet. A server that relies solely o...
K44503763: libcurl vulnerability CVE-2016-8617
Security Advisory Description The base64 encode function in curl before version 7.51.0 is prone to a buffer being under allocated in 32bit systems if it receives at least 1Gb as input via CURLOPTUSERNAME. CVE-2016-8617 Impact This vulnerability may allow an attacker to overwrite memory behind the...
K00040234: BIND vulnerability CVE-2018-5744
Security Advisory Description A failure to free memory can occur when processing messages having a specific combination of EDNS options. Versions affected are: BIND 9.10.7 - 9.10.8-P1, 9.11.3 - 9.11.5-P1, 9.12.0 - 9.12.3-P1, and versions 9.10.7-S1 - 9.11.5-S3 of BIND 9 Supported Preview Edition...
K23435400: Intel CPU vulnerability CVE-2022-0004
Security Advisory Description Hardware debug modes and processor INIT setting that allow override of locks for some IntelR Processors in IntelR Boot Guard and IntelR TXT may allow an unauthenticated user to potentially enable escalation of privilege via physical access. CVE-2022-0004 Impact There...
K21336065: GD Graphics Library vulnerability CVE-2016-8670
Security Advisory Description Integer signedness error in the dynamicGetbuf function in gdiodp.c in the GD Graphics Library aka libgd through 2.2.3, as used in PHP before 5.6.28 and 7.x before 7.0.13, allows remote attackers to cause a denial of service stack-based buffer overflow or possibly hav...
K35340595: Kerberos vulnerability CVE-2016-3120
Security Advisory Description The validateasrequest function in kdcutil.c in the Key Distribution Center KDC in MIT Kerberos 5 aka krb5 before 1.13.6 and 1.4.x before 1.14.3, when restrictanonymoustotgt is enabled, uses an incorrect client data structure, which allows remote authenticated users t...
K27575300: Linux kernel vulnerability CVE-2019-17053
Security Advisory Description ieee802154create in net/ieee802154/socket.c in the AFIEEE802154 network module in the Linux kernel through 5.3.2 does not enforce CAPNETRAW, which means that unprivileged users can create a raw socket, aka CID-e69dbd4619e7. CVE-2019-17053 Impact There is no impact; F...
K15920: Apache vulnerability CVE-2011-0419
Security Advisory Description Stack consumption vulnerability in the fnmatch implementation in aprfnmatch.c in the Apache Portable Runtime APR library before 1.4.3 and the Apache HTTP Server before 2.2.18, and in fnmatch.c in libc in NetBSD 5.1, OpenBSD 4.8, FreeBSD, Apple Mac OS X 10.6, Oracle...
K64412100: PHP vulnerability CVE-2016-4073
Security Advisory Description Multiple integer overflows in the mbflstrcut function in ext/mbstring/libmbfl/mbfl/mbfilter.c in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5 allow remote attackers to cause a denial of service application crash or possibly execute arbitrary code via ...
K2355: Timing attacks on RSA private keys - CAN-2003-0147
Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...
K12876166: Linux kernel vulnerability CVE-2019-12817
Security Advisory Description arch/powerpc/mm/mmucontextbook3s64.c in the Linux kernel before 5.1.15 for powerpc has a bug where unrelated processes may be able to read/write to one another's virtual memory under certain conditions via an mmap above 512 TB. Only a subset of powerpc systems are...
K22052524: cURL and libcurl vulnerability CVE-2018-1000120
Security Advisory Description A buffer overflow exists in curl 7.12.3 to and including curl 7.58.0 in the FTP URL handling that allows an attacker to cause a denial of service or worse. CVE-2018-1000120 Impact libcurl does not safely parse FTP URLs when using the CURLOPTFTPFILEMETHOD method. By...
K8425: Linux Kernel Vulnerability - CVE-2008-0600
Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...
K23453330: NTP vulnerability CVE-2016-4957
Security Advisory Description ntpd in NTP before 4.2.8p8 allows remote attackers to cause a denial of service daemon crash via a crypto-NAK packet. NOTE: this vulnerability exists because of an incorrect fix for CVE-2016-1547. CVE-2016-4957 Impact There is no impact; F5 products are not affected ...
K10600056: NTP vulnerability CVE-2015-5300
Security Advisory Description It was found that ntpd did not correctly implement the threshold limitation for the '-g' option, which is used to set the time without any restrictions. CVE-2015-5300 Impact A man-in-the-middle attacker able to intercept network time protocol NTP traffic between a...
K23873366: OpenSSL vulnerability CVE-2016-2177
Security Advisory Description OpenSSL through 1.0.2h incorrectly uses pointer arithmetic for heap-buffer boundary checks, which might allow remote attackers to cause a denial of service integer overflow and application crash or possibly have unspecified other impact by leveraging unexpected mallo...
K81223200: Oracle Java SE vulnerability CVE-2016-3425
Security Advisory Description Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect availability via vectors related to JAXP. CVE-2016-3425 Impact An authenticated attacker can input specially crafted XML th...
K13607: Hosts may generate weak RSA keys under low entropy conditions
Security Advisory Description A recent study, linked in the Supplemental Information section, has revealed that when a system generates new RSA keys under low-entropy conditions, such as during the first system boot, the resulting keys may not be cryptographically strong. During its first boot, t...
K17742627: cURL and libcurl vulnerability CVE-2016-8625
Security Advisory Description curl before version 7.51.0 uses outdated IDNA 2003 standard to handle International Domain Names and this may lead users to potentially and unknowingly issue network transfer requests to the wrong host. CVE-2016-8625 Impact Incorrect translation of International Doma...
K15220: iControl vulnerability CVE-2014-2928
Security Advisory Description The iControl API in F5 BIG-IP LTM, APM, ASM, GTM, Link Controller, and PSM 11.0.0 through 11.5.1, BIG-IP AAM 11.4.0 through 11.5.1, BIG-IP AFM and PEM 11.3.0 through 11.5.1, BIG-IP Analytics 11.0.0 through 11.5.1, BIG-IP Edge Gateway, WebAccelerator, WOM 11.0.0 throu...
K15759349: BIG-IP FTP profile vulnerability CVE-2019-6645
Security Advisory Description FTP traffic passing through a virtual server with both an active FTP profile associated and connection mirroring configured may cause the Traffic Management Microkernel TMM to stop responding, causing the configured high availability HA action to be taken...
K16336: PHP vulnerability CVE-2015-0273
Security Advisory Description Multiple use-after-free vulnerabilities in ext/date/phpdate.c in PHP before 5.4.38, 5.5.x before 5.5.22, and 5.6.x before 5.6.6 allow remote attackers to execute arbitrary code via crafted serialized input containing a 1 R or 2 r type specifier in a DateTimeZone data...
K35129173: GNU C Library (glibc) vulnerability CVE-2017-15670
Security Advisory Description The GNU C Library aka glibc or libc6 before 2.27 contains an off-by-one error leading to a heap-based buffer overflow in the glob function in glob.c, related to the processing of home directories using the operator followed by a long string. CVE-2017-15670 Impact...
K71231825: Multiple MySQL vulnerabilities
Security Advisory Description CVE-2018-2776 Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Group Replication GCS. Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via XCom to...
K3284: Buffer overflows in stub resolver libraries - CAN-2002-0029
Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...
K63675293: NTP vulnerability CVE-2016-1548
Security Advisory Description An attacker can spoof a packet from a legitimate ntpd server with an origin timestamp that matches the peer-dst timestamp recorded for that server. After making this switch, the client in NTP 4.2.8p4 and earlier and NTPSec aa48d001683e5b791a743ec9c575aaf7d867a2b0c wi...
K04320238: MySQL vulnerabilities CVE-2018-3276, CVE-2018-3277, CVE-2018-3278, CVE-2018-3279, and CVE-2018-3280
Security Advisory Description CVE-2018-3276 Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Memcached. Supported versions that are affected are 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attack...
K15317: Linux kernel vulnerability CVE-2014-0101
Security Advisory Description The sctpsfdo51Dce function in net/sctp/smstatefuns.c in the Linux kernel through 3.13.6 does not validate certain authenable and authcapable fields before making an sctpsfauthenticate call, which allows remote attackers to cause a denial of service NULL pointer...
K16365: glibc vulnerability CVE-2014-9402
Security Advisory Description The nssdns implementation of getnetbyname in GNU C Library aka glibc before 2.21, when the DNS backend in the Name Service Switch configuration is enabled, allows remote attackers to cause a denial of service infinite loop by sending a positive answer while a network...
K07702240: BIG-IP Resource Administrator vulnerability CVE-2019-6618
Security Advisory Description Users with the Resource Administrator role can modify sensitive portions of the file system if provided Advanced Shell access, such as editing /etc/passwd. This allows modifications to user objects and is contrary to our definition for the Resource Administrator role...
K42899154: TLS Triple Handshake Vulnerability CVE-2015-6112
Security Advisory Description SChannel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 lacks the required extended master-secret binding support to ensure that a server's X.509...
K90024104: BIG-IP HTTP MRF vulnerability CVE-2022-35272
Security Advisory Description When source-port preserve-strict is configured on an HTTP Message Routing Framework MRF virtual server, undisclosed traffic may cause the Traffic Management Microkernel TMM to produce a core file and the connection to terminate. CVE-2022-35272 Impact Traffic is...
K70191975: Apache Xerces vulnerability CVE-2016-4463
Security Advisory Description Stack-based buffer overflow in Apache Xerces-C++ before 3.1.4 allows context-dependent attackers to cause a denial of service via a deeply nested DTD. CVE-2016-4463 Impact An attacker requires privileged access to a dynamically generated XML file to exploit one of th...
K21882212: Intel software vulnerabilities CVE-2020-8750 CVE-2020-12355
Security Advisory Description CVE-2020-8750 Use after free in Kernel Mode Driver for IntelR TXE versions before 3.1.80 and 4.0.30 may allow an authenticated user to potentially enable escalation of privilege via local access. CVE-2020-12355 Authentication bypass by capture-replay in RPMB protocol...
K19473400: Linux Kernel vulnerability CVE-2018-9516
Security Advisory Description In hiddebugeventsread of drivers/hid/hid-debug.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product...