Lucene search
K

6401 matches found

F5 Networks
F5 Networks
added 2023/02/21 6:14 p.m.40 views

K12567: BIND vulnerability CVE-2010-3614

Security Advisory Description Note : For information about signing up to receive security notice updates from F5, refer to K9970: Subscribe to email notifications regarding F5 products and security announcements. Note : Versions that are not listed in this article have not been evaluated for...

6.4CVSS7.7AI score0.14503EPSS
Exploits0
F5 Networks
F5 Networks
added 2023/02/21 6:13 p.m.40 views

K53442005: BIG-IP VE vulnerability CVE-2022-23030

Security Advisory Description When the BIG-IP Virtual Edition VE uses the ixlv driver which is used in SR-IOV mode and requires Intel X710/XL710/XXV710 family of network adapters on the Hypervisor and TCP Segmentation Offload configuration is enabled, undisclosed requests may cause an increase in...

5.3CVSS5.3AI score0.00889EPSS
Exploits0Affected Software13
F5 Networks
F5 Networks
added 2023/02/21 6:6 p.m.40 views

K23893104: QEMU vulnerability CVE-2017-13672

Security Advisory Description QEMU aka Quick Emulator, when built with the VGA display emulator support, allows local guest OS privileged users to cause a denial of service out-of-bounds read and QEMU process crash via vectors involving display update. CVE-2017-13672. Impact There is no impact; F...

5.5CVSS6.1AI score0.00953EPSS
Exploits0
F5 Networks
F5 Networks
added 2023/02/21 6:1 p.m.40 views

K93445609: phpMyAdmin vulnerabilities

Security Advisory Description CVE-2016-1927 The suggestPassword function in js/functions.js in phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x before 4.5.4 relies on the Math.random JavaScript function, which makes it easier for remote attackers to guess passwords via a...

7.5CVSS6.3AI score0.02688EPSS
Exploits0
F5 Networks
F5 Networks
added 2016/11/21 12:0 a.m.40 views

SOL15922322 - MySQL vulnerability CVE-2016-8288

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...

4.9CVSS2.7AI score0.01619EPSS
Exploits0References4
F5 Networks
F5 Networks
added 2016/11/04 12:0 a.m.40 views

SOL44340019 - rpcbind use-after-free vulnerability CVE-2015-7236

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...

7.5CVSS2.6AI score0.06408EPSS
Exploits0References4
F5 Networks
F5 Networks
added 2016/10/20 12:0 a.m.40 views

SOL38310742 - Kerberos vulnerability CVE-2015-8629

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

5.3CVSS3.2AI score0.03657EPSS
Exploits0References10
F5 Networks
F5 Networks
added 2016/07/05 12:0 a.m.40 views

SOL81732330 - Poppler vulnerability CVE-2013-4473

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...

7.5CVSS2.7AI score0.07126EPSS
Exploits1References4
F5 Networks
F5 Networks
added 2016/04/29 12:0 a.m.40 views

SOL57500018 - ISC DHCP 4.x vulnerability CVE-2015-8605

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

6.5CVSS2.1AI score0.7645EPSS
Exploits0References8
F5 Networks
F5 Networks
added 2016/03/09 12:0 a.m.40 views

SOL59692558 - BIND vulnerability CVE-2016-2088

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

6.8CVSS2.3AI score0.2262EPSS
Exploits0References4
F5 Networks
F5 Networks
added 2016/01/19 12:0 a.m.40 views

SOL86533083 - BIND vulnerability CVE-2015-8705

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL4602: Overview of the F5 security vulnerability response policy SOL9957: Creating a custom RSS feed to view new and updated documents SOL4918: Overview of the F5...

7CVSS3.2AI score0.07654EPSS
Exploits0References5
F5 Networks
F5 Networks
added 2015/12/16 12:0 a.m.40 views

SOL30673534 - BIND vulnerability CVE-2015-8461

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...

7.1CVSS3.2AI score0.04848EPSS
Exploits0References5
F5 Networks
F5 Networks
added 2015/08/20 12:0 a.m.40 views

SOL17156 - PHP vulnerability CVE-2014-5298

Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL995...

5CVSS0.5AI score0.03002EPSS
Exploits2References5
F5 Networks
F5 Networks
added 2015/08/12 12:0 a.m.40 views

SOL17119 - MySQL vulnerability CVE-2015-2576

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents. SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...

2.1CVSS2.7AI score0.00438EPSS
Exploits0References4
F5 Networks
F5 Networks
added 2015/07/20 12:0 a.m.40 views

SOL16990 - zlib 1.2.2 vulnerability CVE-2005-1849

Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL995...

5CVSS0.9AI score0.03999EPSS
Exploits0References5
F5 Networks
F5 Networks
added 2015/07/14 12:0 a.m.40 views

SOL16970 - TLS Finish Message vulnerability

The BIG-IP system does not verify every byte in the Finished message of a TLS handshake...

1.3AI score
Exploits0References9
F5 Networks
F5 Networks
added 2015/06/26 12:0 a.m.40 views

SOL16781 - Linux kernel vulnerability CVE-2014-3535

include/linux/netdevice.h in the Linux kernel before 2.6.36 incorrectly uses macros for netdevprintk and its related logging implementation, which allows remote attackers to cause a denial of service NULL pointer dereference and system crash by sending invalid packets to a VxLAN interface...

7.8CVSS6.1AI score0.0415EPSS
Exploits1References13
F5 Networks
F5 Networks
added 2015/06/05 12:0 a.m.40 views

SOL16715 - Multiple LibTIFF vulnerabilities

Vulnerability Recommended Actions If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not...

9.3CVSS1.8AI score0.11823EPSS
Exploits0References5
F5 Networks
F5 Networks
added 2015/04/29 12:0 a.m.40 views

SOL16090 - BIG-IP Automatic Update Check and ASM Automatic Signature Update man-in-the-middle vulnerability CVE-2014-9326

The BIG-IP Phone Home and ASM Call Home automatic signature update functionality is susceptible to Man-in-the-Middle type attacks due to improper validation of server SSL certificates. CVE-2014-9326...

4.3CVSS6.4AI score0.00823EPSS
Exploits0References9
F5 Networks
F5 Networks
added 2015/04/14 12:0 a.m.40 views

SOL16435 - GNU C Library vulnerability CVE-2014-6040

Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version...

5CVSS0.7AI score0.06564EPSS
Exploits1References12
F5 Networks
F5 Networks
added 2015/02/12 12:0 a.m.40 views

SOL16118 - libXfont vulnerabilities CVE-2014-0209, CVE-2014-0210 and CVE-2014-0211

Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version...

7.5CVSS1.3AI score0.04362EPSS
Exploits0References4
F5 Networks
F5 Networks
added 2014/11/06 12:0 a.m.40 views

SOL15807 - cURL and libcurl vulnerability CVE-2014-1263

Recommended action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the table does not list any version in the column, then no upgrade candidate currently exists. Supplemental...

4.3CVSS1.7AI score0.02862EPSS
Exploits2References4
F5 Networks
F5 Networks
added 2014/10/23 12:0 a.m.40 views

SOL15729 - Associative array vulnerability CVE-2014-3631

The assocarraygc function in the associative-array implementation in lib/assocarray.c in the Linux kernel before 3.16.3 does not properly implement garbage collection, which allows local users to cause a denial of service NULL pointer dereference and system crash or possibly have unspecified othe...

7.2CVSS5.3AI score0.00963EPSS
Exploits4References3
F5 Networks
F5 Networks
added 2014/10/23 12:0 a.m.40 views

SOL15743 - BIND vulnerability CVE-2011-2465

Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5 critical issue...

2.6CVSS2.6AI score0.0888EPSS
Exploits1References4
F5 Networks
F5 Networks
added 2014/09/04 12:0 a.m.40 views

SOL15565 - OpenSSL vulnerability CVE-2014-3512

Recommended action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the table does not list any version in the column, then no upgrade candidate currently exists. To mitigate this...

7.5CVSS1.7AI score0.7408EPSS
Exploits0References5
F5 Networks
F5 Networks
added 2014/07/23 12:0 a.m.40 views

SOL15439 - Samba vulnerability CVE-2014-0244

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents. SOL4602: Overview of the F5 security vulnerability response policy...

3.3CVSS3.7AI score0.20481EPSS
Exploits0References3
F5 Networks
F5 Networks
added 2014/05/29 12:0 a.m.40 views

SOL15296 - list.jsp XSS vulnerability CVE-2014-3959

A cross-site scripting XSS vulnerability exists in list.jsp for the BIG-IP and Enterprise Manager Configuration utilities. CVE-2014-3959...

4.3CVSS5.4AI score0.01546EPSS
Exploits0References5
F5 Networks
F5 Networks
added 2014/05/07 12:0 a.m.40 views

SOL15220 - iControl vulnerability CVE-2014-2928

Recommended action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version...

7.1CVSS2.1AI score0.3905EPSS
Exploits8References7
F5 Networks
F5 Networks
added 2014/02/25 12:0 a.m.40 views

SOL15013 - OpenSSH vulnerability CVE-2011-0539

Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents. SOL4602: Overview of the F5 security vulnerability response policy...

5CVSS3.7AI score0.01797EPSS
Exploits0References3
F5 Networks
F5 Networks
added 2013/01/23 12:0 a.m.40 views

SOL14154 - SQL injection vulnerability from an authenticated source CVE-2012-3000

Vulnerability Recommended Actions To eliminate this vulnerability, upgrade to a version that is listed in the Versions known to be not vulnerable column. Acknowledgements F5 would like to acknowledge SEC Consult Vulnerability Lab for bringing this issue to our attention, and for following the...

7.5CVSS2.7AI score0.0159EPSS
Exploits2References6
F5 Networks
F5 Networks
added 2012/09/06 12:0 a.m.40 views

SOL13838 - XSS vulnerability CVE-2012-2975

Vulnerability Recommended Actions To eliminate this vulnerability, upgrade to a version or hotfix that is listed in the Versions known to be not vulnerable column in the previous table. Acknowledgements F5 would like to acknowledge Roger Wemyss with Dell SecureWorks for his efforts in identifying...

4.3CVSS2.8AI score0.01513EPSS
Exploits1References6
F5 Networks
F5 Networks
added 2011/07/26 12:0 a.m.40 views

SOL12985 - BIND vulnerability CVE-2011-1910

Off-by-one error in named in ISC BIND 9.x before 9.7.3-P1, 9.8.x before 9.8.0-P2, 9.4-ESV before 9.4-ESV-R4-P1, and 9.6-ESV before 9.6-ESV-R4-P1 allows remote DNS servers to cause a denial of service assertion failure and daemon exit via a negative response containing large RRSIG RRsets...

5CVSS7.2AI score0.24638EPSS
Exploits1
F5 Networks
F5 Networks
added 2007/05/16 12:0 a.m.40 views

SOL3279 - Heap-based buffer overflow in mod_proxy - CAN-2004-0492

Heap-based buffer overflow in proxyutil.c for modproxy in Apache 1.3.25 to 1.3.31 allows remote attackers to cause a denial of service process crash and possibly execute arbitrary code by way of a negative Content-Length HTTP header field, which causes a large amount of data to be copied...

10CVSS3.9AI score0.33639EPSS
Exploits0
F5 Networks
F5 Networks
added 2007/05/16 12:0 a.m.40 views

SOL6919 - Cross-site scripting vulnerability in my.activation.php3 CVE-2007-3097

A cross-site scripting XSS vulnerability exists in the FirePass my.activation.php3 logon page.The affected FirePass logon URL fails to fully sanitize certain URL arguments before the requested web page content is returned to the browser. It is possible for an attacker to create web pages, emails ...

7.5CVSS5.7AI score0.02204EPSS
Exploits0
F5 Networks
F5 Networks
added 2025/03/04 10:37 p.m.39 views

K000150232: Multiple PHP vulnerabilities

Security Advisory Description CVE-2007-2728 The soap extension in PHP calls phprandr with an uninitialized seed variable, which has unknown impact and attack vectors, a related issue to the mcryptcreateiv issue covered by CVE-2007-2727. Note: The PHP team argue that this is not a valid security...

7.5CVSS7.7AI score0.49336EPSS
Exploits4
F5 Networks
F5 Networks
added 2024/11/25 10:5 p.m.39 views

K000148709: Multiple Intel Ethernet Controllers and Adapters vulnerabilities

Security Advisory Description CVE-2024-21806 Improper conditions check in Linux kernel mode driver for some IntelR Ethernet Network Controllers and Adapters E810 Series before version 28.3 may allow an authenticated user to potentially enable denial of service via local access. CVE-2024-21807...

9.3CVSS6.6AI score0.00527EPSS
Exploits0
F5 Networks
F5 Networks
added 2024/10/29 9:14 p.m.39 views

K000148314: MySQL vulnerabilities CVE-2024-21232 and CVE-2024-21212

Security Advisory Description CVE-2024-21232 Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Components Services. Supported versions that are affected are 8.4.2 and prior and 9.0.1 and prior. Difficult to exploit vulnerability allows high privileged attacker with...

4.4CVSS4.8AI score0.00943EPSS
Exploits0
F5 Networks
F5 Networks
added 2024/10/24 10:5 p.m.39 views

K000148248: less vulnerability CVE-2024-32487

Security Advisory Description less through 653 allows OS command execution via a newline character in the name of a file, because quoting is mishandled in filename.c. Exploitation typically requires use with attacker-controlled file names, such as the files extracted from an untrusted archive...

8.6CVSS7.3AI score0.00628EPSS
Exploits0
F5 Networks
F5 Networks
added 2024/10/07 3:3 a.m.39 views

K000141353: Multiple PHP vulnerabilities

Security Advisory Description CVE-2019-9024 An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. xmlrpcdecode can allow a hostile XMLRPC server to cause PHP to read memory outside of allocated areas in base64decodexmlrpc in...

8.8CVSS8.2AI score0.08975EPSS
Exploits4
F5 Networks
F5 Networks
added 2024/09/20 9:27 p.m.39 views

K000141129: Python vulnerability CVE-2024-35195

Security Advisory Description Requests is a HTTP library. Prior to 2.32.0, when making requests through a Requests Session, if the first request is made with verify=False to disable cert verification, all subsequent requests to the same host will continue to ignore cert verification regardless of...

5.6CVSS7AI score0.0034EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
added 2024/08/27 9:57 p.m.39 views

K000140865: Linux kernel vulnerability CVE-2023-45871

Security Advisory Description An issue was discovered in drivers/net/ethernet/intel/igb/igbmain.c in the IGB driver in the Linux kernel before 6.5.3. A buffer size may not be adequate for frames larger than the MTU. CVE-2023-45871 Impact An attacker can exploit the vulnerability to access...

7.5CVSS7.1AI score0.00544EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
added 2024/08/27 6:27 p.m.39 views

K000140863: Busybox vulnerability CVE-2022-48174

Security Advisory Description There is a stack overflow vulnerability in ash.c:6030 in busybox before 1.35. In the environment of Internet of Vehicles, this vulnerability can be executed from command to arbitrary code execution. CVE-2022-48174 Impact There is no impact; F5 products are not affect...

9.8CVSS7.4AI score0.02979EPSS
Exploits0
F5 Networks
F5 Networks
added 2024/07/23 10:1 p.m.39 views

K000140414: Loop DOS UDP vulnerability CVE-2024-2169

Security Advisory Description Implementations of UDP application protocol are vulnerable to network loops. An unauthenticated attacker can use maliciously-crafted packets against a vulnerable implementation that can lead to Denial of Service DOS and/or abuse of resources. CVE-2024-2169 Impact The...

7.5CVSS6.7AI score0.05397EPSS
Exploits0
F5 Networks
F5 Networks
added 2024/06/18 5:51 p.m.39 views

K000140039: Intel QAT vulnerability CVE-2023-32641

Security Advisory Description Improper input validation in firmware for IntelR QAT before version QAT20.L.1.0.40-00004 may allow escalation of privilege and denial of service via adjacent access. CVE-2023-32641 Impact There is no impact; F5 products are not affected by this vulnerability. Securit...

8.8CVSS8.5AI score0.0031EPSS
Exploits0
F5 Networks
F5 Networks
added 2024/05/20 9:15 a.m.39 views

K000139684: AMD processors vulnerability CVE-2023-20569

Security Advisory Description A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled address, potentially leading to information disclosure. CVE-2023-20569 Impact The...

4.7CVSS7.1AI score0.0616EPSS
Exploits1
F5 Networks
F5 Networks
added 2024/03/25 7:55 p.m.39 views

K000139026: NTP vulnerability CVE-2009-3563

Security Advisory Description ntprequest.c in ntpd in NTP before 4.2.4p8, and 4.2.5, allows remote attackers to cause a denial of service CPU and bandwidth consumption by using MODEPRIVATE to send a spoofed 1 request or 2 response packet that triggers a continuous exchange of MODEPRIVATE error...

6.4CVSS7.5AI score0.32288EPSS
Exploits3
F5 Networks
F5 Networks
added 2023/12/19 8:15 p.m.39 views

K000137966: Apache Tomcat vulnerability CVE-2023-42794

Security Advisory Description Incomplete Cleanup vulnerability in Apache Tomcat. The internal fork of Commons FileUpload packaged with Apache Tomcat 9.0.70 through 9.0.80 and 8.5.85 through 8.5.93 included an unreleased, in progress refactoring that exposed a potential denial of service on Window...

5.9CVSS7.2AI score0.01854EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
added 2023/10/09 4:39 p.m.39 views

K000137186: Linux kernel vulnerability CVE-2022-3564

Security Advisory Description A vulnerability classified as critical was found in Linux Kernel. Affected by this vulnerability is the function l2capreassemblesdu of the file net/bluetooth/l2capcore.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply ...

7.1CVSS6.6AI score0.0129EPSS
Exploits0
F5 Networks
F5 Networks
added 2023/08/15 4:54 p.m.39 views

K000135852: FasterXML jackson-databind vulnerability CVE-2022-42003

Security Advisory Description In FasterXML jackson-databind before 2.14.0-rc1, resource exhaustion can occur because of a lack of a check in primitive value deserializers to avoid deep wrapper array nesting, when the UNWRAPSINGLEVALUEARRAYS feature is enabled. Additional fix version in 2.13.4.1 a...

7.5CVSS7.1AI score0.02706EPSS
Exploits2Affected Software1
F5 Networks
F5 Networks
added 2023/07/31 3:26 p.m.39 views

K000135674: HarfBuzz vulnerability CVE-2023-25193

Security Advisory Description hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger On^2 growth via consecutive marks during the process of looking back for base glyphs when attaching marks. CVE-2023-25193 Impact There is no impact; F5 products are not affected by this...

7.5CVSS6.3AI score0.01812EPSS
Exploits0
Total number of security vulnerabilities5000