
6361 matches found

F5 Networks • added 2023/02/21 6:26 p.m. • 40 views

K85243532: Serendipity vulnerability CVE-2016-10082

Security Advisory Description include/functions_installer.inc.php in Serendipity through 2.0.5 is vulnerable to File Inclusion and a possible Code Execution attack during a first-time installation because it fails to sanitize the dbType POST parameter before adding it to an include() call in the...

9.8 CVSS • 9.3 AI score • 0.02883 EPSS
Exploits: 0

F5 Networks • added 2023/02/21 6:18 p.m. • 40 views

K61275340: Java vulnerability CVE-2013-5823

Security Advisory Description Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect availability via unknown vectors related to...

5 CVSS • 7.3 AI score • 0.04732 EPSS
Exploits: 0

F5 Networks • added 2023/02/21 6:14 p.m. • 40 views

K15110: PHP Vulnerability CVE-2013-6420

Security Advisory Description The asn1_time_to_time_t function in ext/openssl/openssl.c in PHP before 5.3.28, 5.4.x before 5.4.23, and 5.5.x before 5.5.7 does not properly parse (1) notBefore and (2) notAfter timestamps in X.509 certificates, which allows remote attackers to execute arbitrary code or cau...

7.5 CVSS • 8.1 AI score • 0.35635 EPSS
Exploits: 8

F5 Networks • added 2023/02/21 6:8 p.m. • 40 views

K15864: libxml vulnerabilities CVE-2009-2414 and CVE-2009-2416

Security Advisory Description CVE-2009-2414 Stack consumption vulnerability in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17, allows context-dependent attackers to cause a denial of service (application crash) via a large depth of element declarations in a DTD, related to a...

6.5 CVSS • 6.5 AI score • 0.03121 EPSS
Exploits: 2 • Affected Software: 1

F5 Networks • added 2023/02/21 6:7 p.m. • 40 views

K39178480: Perl vulnerability CVE-2018-18311

Security Advisory Description Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations. CVE-2018-18311 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Produc...

9.8 CVSS • 8.6 AI score • 0.11676 EPSS
Exploits: 0

F5 Networks • added 2023/02/21 5:28 p.m. • 40 views

K02004209: Oracle Java vulnerability CVE-2014-0411

Security Advisory Description Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality and integrity via vectors related to JSSE. NOTE: the previous information is from t...

4 CVSS • 5.8 AI score • 0.02414 EPSS
Exploits: 0 • Affected Software: 1

F5 Networks • added 2023/01/03 10:25 p.m. • 40 views

K51079478: glibc vulnerability CVE-2015-8778

Security Advisory Description Integer overflow in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via the size argument to the hcreate_r function, which triggers out-of-bounds...

9.8 CVSS • 8.7 AI score • 0.05515 EPSS
Exploits: 1 • Affected Software: 11

F5 Networks • added 2016/11/17 12:0 a.m. • 40 views

SOL38016814 - PHP and libgd vulnerabilities CVE-2016-5116, CVE-2016-6128, CVE-2016-6132, and CVE-2016-6214

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...

9.1 CVSS • 2.4 AI score • 0.06805 EPSS
Exploits: 0 • References: 4

F5 Networks • added 2016/09/28 12:0 a.m. • 40 views

SOL72372334 - FreeType vulnerability CVE-2014-9745

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

5 CVSS • 1.9 AI score • 0.03734 EPSS
Exploits: 0 • References: 5

F5 Networks • added 2016/09/20 12:0 a.m. • 40 views

SOL10280318 - Zend Framework vulnerability CVE-2016-6233

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...

9.8 CVSS • 2.4 AI score • 0.02047 EPSS
Exploits: 1 • References: 4

F5 Networks • added 2016/07/13 12:0 a.m. • 40 views

SOL55922302 - XSS in F5 WebSafe Dashboard vulnerability CVE-2016-5236

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

5.4 CVSS • 2.2 AI score • 0.00636 EPSS
Exploits: 0 • References: 4

F5 Networks • added 2016/06/17 12:0 a.m. • 40 views

SOL31300371 - Linux kernel vulnerability CVE-2013-4483

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

4.9 CVSS • 2.5 AI score • 0.00489 EPSS
Exploits: 1 • References: 11

F5 Networks • added 2016/06/15 12:0 a.m. • 40 views

SOL23453330 - NTP vulnerability CVE-2016-4957

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...

7.5 CVSS • 2.4 AI score • 0.44936 EPSS
Exploits: 2 • References: 4

F5 Networks • added 2016/06/07 12:0 a.m. • 40 views

SOL44288218 - Apache Tomcat vulnerability CVE-2012-5568

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...

5 CVSS • 2.4 AI score • 0.09588 EPSS
Exploits: 2 • References: 4

F5 Networks • added 2016/04/29 12:0 a.m. • 40 views

SOL57500018 - ISC DHCP 4.x vulnerability CVE-2015-8605

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

6.5 CVSS • 2.1 AI score • 0.7645 EPSS
Exploits: 0 • References: 8

F5 Networks • added 2016/03/25 12:0 a.m. • 40 views

SOL30409575 - ISC DHCP vulnerability CVE-2016-2774

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

7.1 CVSS • 0.9 AI score • 0.73622 EPSS
Exploits: 0 • References: 3

F5 Networks • added 2016/02/19 12:0 a.m. • 40 views

SOL75253136 - GnuPG vulnerability CVE-2013-4242

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

1.9 CVSS • 1.8 AI score • 0.00533 EPSS
Exploits: 0 • References: 5

F5 Networks • added 2016/01/19 12:0 a.m. • 40 views

SOL86533083 - BIND vulnerability CVE-2015-8705

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL4602: Overview of the F5 security vulnerability response policy SOL9957: Creating a custom RSS feed to view new and updated documents SOL4918: Overview of the F5...

7 CVSS • 3.2 AI score • 0.07654 EPSS
Exploits: 0 • References: 5

F5 Networks • added 2015/10/27 12:0 a.m. • 40 views

SOL17407 - Datastor kernel vulnerability CVE-2015-7394

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

9 CVSS • 1.9 AI score • 0.03892 EPSS
Exploits: 0 • References: 5

F5 Networks • added 2015/10/26 12:0 a.m. • 40 views

SOL17475 - Linux kernel vulnerability CVE-2015-5707

Recommended Action If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are currently...

4.6 CVSS • 1 AI score • 0.00493 EPSS
Exploits: 0 • References: 5

F5 Networks • added 2015/09/10 12:0 a.m. • 40 views

SOL17254 - NTP-keygen vulnerability CVE-2015-3405

Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL995...

7.5 CVSS • 0.7 AI score • 0.05292 EPSS
Exploits: 0 • References: 5

F5 Networks • added 2015/08/14 12:0 a.m. • 40 views

SOL17130 - Linux kernel vulnerability CVE-2015-1420

Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can...

1.9 CVSS • 2.2 AI score • 0.00362 EPSS
Exploits: 0 • References: 2

F5 Networks • added 2015/07/14 12:0 a.m. • 40 views

SOL16970 - TLS Finish Message vulnerability

The BIG-IP system does not verify every byte in the Finished message of a TLS handshake...

1.3 AI score
Exploits: 0 • References: 9

F5 Networks • added 2015/04/14 12:0 a.m. • 40 views

SOL16435 - GNU C Library vulnerability CVE-2014-6040

Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version...

5 CVSS • 0.7 AI score • 0.06564 EPSS
Exploits: 1 • References: 12

F5 Networks • added 2015/04/09 12:0 a.m. • 40 views

SOL16381 - Linux kernel vulnerability CVE-2014-9683

Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version...

3.6 CVSS • 0.8 AI score • 0.00447 EPSS
Exploits: 0 • References: 3

F5 Networks • added 2015/04/09 12:0 a.m. • 40 views

SOL16396 - GnuPG vulnerability CVE-2013-4576

Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version...

2.1 CVSS • 1.4 AI score • 0.00451 EPSS
Exploits: 0 • References: 5

F5 Networks • added 2015/03/30 12:0 a.m. • 40 views

SOL16323 - OpenSSL vulnerability CVE-2015-0209

Vulnerability Recommended Actions If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not...

6.8 CVSS • 0.9 AI score • 0.1633 EPSS
Exploits: 0 • References: 7

F5 Networks • added 2014/12/31 12:0 a.m. • 40 views

SOL15939 - pl_tree.php XSS vulnerability CVE-2014-9342

Recommended action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version...

4.3 CVSS • 1.6 AI score • 0.02117 EPSS
Exploits: 0 • References: 6

F5 Networks • added 2014/12/08 12:0 a.m. • 40 views

SOL15897 - Wget vulnerability CVE-2014-4877

Recommended Action ARX If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the table does not list any version in the column, then no upgrade candidate currently exists. Supplemental...

9.3 CVSS • 2.1 AI score • 0.39883 EPSS
Exploits: 4 • References: 6

F5 Networks • added 2014/10/23 12:0 a.m. • 40 views

SOL15729 - Associative array vulnerability CVE-2014-3631

The assoc_array_gc function in the associative-array implementation in lib/assoc_array.c in the Linux kernel before 3.16.3 does not properly implement garbage collection, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified othe...

7.2 CVSS • 5.3 AI score • 0.00963 EPSS
Exploits: 4 • References: 3

F5 Networks • added 2014/09/04 12:0 a.m. • 40 views

SOL15547 - MIT Kerberos 5 vulnerability CVE-2014-4342

Vulnerability Recommended Actions BIG-IP If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table doe...

5 CVSS • 1.2 AI score • 0.06523 EPSS
Exploits: 0 • References: 3

F5 Networks • added 2014/09/04 12:0 a.m. • 40 views

SOL15549 - Rsync vulnerability CVE-2007-6199

rsync before 3.0.0pre6, when running a writable rsync daemon that is not using chroot, allows remote attackers to access restricted files via unknown vectors that cause rsync to create a symlink that points outside of the module's hierarchy. CVE-2007-6199...

9.3 CVSS • 9.2 AI score • 0.04136 EPSS
Exploits: 0 • References: 6

F5 Networks • added 2014/06/19 12:0 a.m. • 40 views

SOL15349 - OpenSSL 0.9.8t Denial of Service via S/MIME msg vulnerability CVE-2006-7250

Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents. SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5 critical issue...

5 CVSS • 3.7 AI score • 0.07067 EPSS
Exploits: 0 • References: 5

F5 Networks • added 2014/05/29 12:0 a.m. • 40 views

SOL15296 - list.jsp XSS vulnerability CVE-2014-3959

A cross-site scripting (XSS) vulnerability exists in list.jsp for the BIG-IP and Enterprise Manager Configuration utilities. CVE-2014-3959...

4.3 CVSS • 5.4 AI score • 0.01546 EPSS
Exploits: 0 • References: 5

F5 Networks • added 2014/04/10 12:0 a.m. • 40 views

SOL15155 - OpenSSH vulnerability CVE-2007-3102

Recommended action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5 critical issue...

4.3 CVSS • 2.5 AI score • 0.02342 EPSS
Exploits: 0 • References: 4

F5 Networks • added 2013/06/26 12:0 a.m. • 40 views

SOL14468 - Client-side component flaw CVE-2013-0150

Vulnerability Recommended Actions To eliminate this vulnerability, upgrade to a version that is listed in the Versions known to be not vulnerable column in the previous table. A fixed client component will automatically be downloaded the next time a client is authenticated to the APM or FirePass...

9.3 CVSS • 1.4 AI score • 0.06316 EPSS
Exploits: 0 • References: 11

F5 Networks • added 2011/05/12 12:0 a.m. • 40 views

SOL12852 - BIND vulnerability CVE-2010-3615

For information about this advisory, refer to the Common Vulnerabilities and Exposures website at the following location: Note: The following link will take you to a resource outside of AskF5, and it is possible that the document may be removed without our knowledge:...

5 CVSS • 8.8 AI score • 0.09728 EPSS
Exploits: 0

F5 Networks • added 2008/06/30 12:0 a.m. • 40 views

SOL8918 - Linux kernel vulnerability CVE-2007-3851

A flaw in the DRM driver for Intel graphics cards allows a local user to access any part of the main memory. To access the DRM functionality a user must have access to the X server, which is granted through the graphical login. This also only affects systems with an Intel 965 or later graphic...

6 CVSS • 5.6 AI score • 0.00313 EPSS
Exploits: 0

F5 Networks • added 2026/06/09 1:51 a.m. • 39 views

K000161639: Apache HTTP Server mod_http2 (HTTP/2 Bomb) vulnerability CVE-2026-49975

Security Advisory Description Memory Allocation with Excessive Size Value vulnerability in Apache HTTP Server's modhttp leads to denial of service via malicious HTTP requests. This issue affects Apache HTTP Server: from 2.4.17 through 2.4.67. CVE-2026-49975 Impact For products with None in the...

7.5 CVSS • 5.5 AI score • 0.11471 EPSS
Exploits: 7

F5 Networks • added 2025/03/04 10:37 p.m. • 39 views

K000150232: Multiple PHP vulnerabilities

Security Advisory Description CVE-2007-2728 The soap extension in PHP calls php_rand_r with an uninitialized seed variable, which has unknown impact and attack vectors, a related issue to the mcrypt_create_iv issue covered by CVE-2007-2727. Note: The PHP team argue that this is not a valid security...

7.5 CVSS • 7.7 AI score • 0.49336 EPSS
Exploits: 4

F5 Networks • added 2024/12/06 11:49 p.m. • 39 views

K000148895: Intel UEFI firmware vulnerabilities CVE-2023-2235, CVE-2023-23904, and CVE-2023-25546

Security Advisory Description CVE-2023-22351 Out-of-bounds write in UEFI firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. CVE-2023-23904 NULL pointer dereference in the UEFI firmware for some Intel(R) Processors may allo...

6.9 CVSS • 7 AI score • 0.00145 EPSS
Exploits: 0

F5 Networks • added 2024/11/26 10:7 p.m. • 39 views

K000148690: Qt vulnerability CVE-2023-32573

Security Advisory Description In Qt before 5.15.14, 6.0.x through 6.2.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1, QtSvg QSvgFont m_unitsPerEm initialization is mishandled. CVE-2023-32573 Impact A remote attacker may be able to cause a denial-of-service (DoS) on the system. Security Advisor...

6.5 CVSS • 7.2 AI score • 0.00877 EPSS
Exploits: 0 • Affected Software: 1

F5 Networks • added 2024/09/03 4:40 p.m. • 39 views

K000140908: MySQL Server vulnerability CVE-2024-21134

Security Advisory Description Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Connection Handling. Supported versions that are affected are 8.0.37 and prior and 8.4.0 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via...

4.3 CVSS • 4.7 AI score • 0.00777 EPSS
Exploits: 0

F5 Networks • added 2024/06/18 5:51 p.m. • 39 views

K000140039: Intel QAT vulnerability CVE-2023-32641

Security Advisory Description Improper input validation in firmware for Intel(R) QAT before version QAT20.L.1.0.40-00004 may allow escalation of privilege and denial of service via adjacent access. CVE-2023-32641 Impact There is no impact; F5 products are not affected by this vulnerability. Securit...

8.8 CVSS • 8.5 AI score • 0.0031 EPSS
Exploits: 0

F5 Networks • added 2024/06/06 1:49 a.m. • 39 views

K000139922: Open vSwitch vulnerabilities CVE-2023-3966 and CVE-2023-5366

Security Advisory Description CVE-2023-3966 A flaw was found in Open vSwitch where multiple versions are vulnerable to crafted Geneve packets, which may result in a denial of service and invalid memory accesses. Triggering this issue requires that hardware offloading via the netlink path is...

7.5 CVSS • 6.3 AI score • 0.01033 EPSS
Exploits: 0

F5 Networks • added 2024/06/04 7:16 p.m. • 39 views

K000139897: Linux kernel vulnerability CVE-2023-42753

Security Advisory Description An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the h->nets array offset, providing attackers with the primitive to arbitrarily increment/decrement a memory buffer out-of-bound...

7.8 CVSS • 6.8 AI score • 0.00514 EPSS
Exploits: 1 • Affected Software: 1

F5 Networks • added 2024/05/31 5:23 p.m. • 39 views

K000139859: Envoy vulnerability CVE-2024-30255

Security Advisory Description Envoy is a cloud-native, open source edge and service proxy. The HTTP/2 protocol stack in Envoy versions prior to 1.29.3, 1.28.2, 1.27.4, and 1.26.8 are vulnerable to CPU exhaustion due to flood of CONTINUATION frames. Envoy's HTTP/2 codec allows the client to send a...

7.5 CVSS • 6.8 AI score • 0.8781 EPSS
Exploits: 1

F5 Networks • added 2024/05/16 3:14 a.m. • 39 views

K000139637: Expat vulnerability CVE-2024-28757

Security Advisory Description libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use of external parsers (created via XML_ExternalEntityParserCreate). CVE-2024-28757 Impact An attacker may be able to use an XML Entity Expansion attack, consuming all system resources...

7.5 CVSS • 7.2 AI score • 0.02006 EPSS
Exploits: 1 • Affected Software: 12

F5 Networks • added 2024/05/02 11:24 a.m. • 39 views

K000139489: PostgreSQL JDBC Driver vulnerability CVE-2024-1597

Security Advisory Description pgjdbc, the PostgreSQL JDBC Driver, allows attacker to inject SQL if using PreferQueryMode=SIMPLE. Note this is not the default. In the default mode there is no vulnerability. A placeholder for a numeric value must be immediately preceded by a minus. There must be a...

10 CVSS • 8.2 AI score • 0.0481 EPSS
Exploits: 0

F5 Networks • added 2024/04/01 4:5 p.m. • 39 views

K000139140: util-linux vulnerability CVE-2024-28085

Security Advisory Description wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users' terminals through argv. Specifically, escape sequences received from stdin are blocked, but escape sequences received from argv are not...

3.3 CVSS • 6.4 AI score • 0.02242 EPSS
Exploits: 3

Total number of security vulnerabilities: 5000