6413 matches found
K000141129: Python vulnerability CVE-2024-35195
Security Advisory Description Requests is a HTTP library. Prior to 2.32.0, when making requests through a Requests Session, if the first request is made with verify=False to disable cert verification, all subsequent requests to the same host will continue to ignore cert verification regardless of...
K000140865: Linux kernel vulnerability CVE-2023-45871
Security Advisory Description An issue was discovered in drivers/net/ethernet/intel/igb/igbmain.c in the IGB driver in the Linux kernel before 6.5.3. A buffer size may not be adequate for frames larger than the MTU. CVE-2023-45871 Impact An attacker can exploit the vulnerability to access...
K000140863: Busybox vulnerability CVE-2022-48174
Security Advisory Description There is a stack overflow vulnerability in ash.c:6030 in busybox before 1.35. In the environment of Internet of Vehicles, this vulnerability can be executed from command to arbitrary code execution. CVE-2022-48174 Impact There is no impact; F5 products are not affect...
K000140414: Loop DOS UDP vulnerability CVE-2024-2169
Security Advisory Description Implementations of UDP application protocol are vulnerable to network loops. An unauthenticated attacker can use maliciously-crafted packets against a vulnerable implementation that can lead to Denial of Service DOS and/or abuse of resources. CVE-2024-2169 Impact The...
K000140039: Intel QAT vulnerability CVE-2023-32641
Security Advisory Description Improper input validation in firmware for IntelR QAT before version QAT20.L.1.0.40-00004 may allow escalation of privilege and denial of service via adjacent access. CVE-2023-32641 Impact There is no impact; F5 products are not affected by this vulnerability. Securit...
K000139684: AMD processors vulnerability CVE-2023-20569
Security Advisory Description A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled address, potentially leading to information disclosure. CVE-2023-20569 Impact The...
K000139026: NTP vulnerability CVE-2009-3563
Security Advisory Description ntprequest.c in ntpd in NTP before 4.2.4p8, and 4.2.5, allows remote attackers to cause a denial of service CPU and bandwidth consumption by using MODEPRIVATE to send a spoofed 1 request or 2 response packet that triggers a continuous exchange of MODEPRIVATE error...
K000137966: Apache Tomcat vulnerability CVE-2023-42794
Security Advisory Description Incomplete Cleanup vulnerability in Apache Tomcat. The internal fork of Commons FileUpload packaged with Apache Tomcat 9.0.70 through 9.0.80 and 8.5.85 through 8.5.93 included an unreleased, in progress refactoring that exposed a potential denial of service on Window...
K000137186: Linux kernel vulnerability CVE-2022-3564
Security Advisory Description A vulnerability classified as critical was found in Linux Kernel. Affected by this vulnerability is the function l2capreassemblesdu of the file net/bluetooth/l2capcore.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply ...
K000135852: FasterXML jackson-databind vulnerability CVE-2022-42003
Security Advisory Description In FasterXML jackson-databind before 2.14.0-rc1, resource exhaustion can occur because of a lack of a check in primitive value deserializers to avoid deep wrapper array nesting, when the UNWRAPSINGLEVALUEARRAYS feature is enabled. Additional fix version in 2.13.4.1 a...
K000135674: HarfBuzz vulnerability CVE-2023-25193
Security Advisory Description hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger On^2 growth via consecutive marks during the process of looking back for base glyphs when attaching marks. CVE-2023-25193 Impact There is no impact; F5 products are not affected by this...
K000134748: Kubernetes vulnerabilities CVE-2019-1002100, CVE-2019-11254, CVE-2017-1002101, and CVE-2017-1002102
Security Advisory Description CVE-2019-1002100 In all Kubernetes versions prior to v1.11.8, v1.12.6, and v1.13.4, users that are authorized to make patch requests to the Kubernetes API Server can send a specially crafted patch of type "json-patch" e.g. kubectl patch --type json or "Content-Type:...
K000133448: Python urllib3 vulnerability CVE-2019-11324
Security Advisory Description The urllib3 library before 1.24.2 for Python mishandles certain cases where the desired set of CA certificates is different from the OS store of CA certificates, which results in SSL connections succeeding in situations where a verification failure is the correct...
K66871452: PowerDNS vulnerability CVE-2015-5311
Security Advisory Description PowerDNS aka pdns Authoritative Server 3.4.4 before 3.4.7 allows remote attackers to cause a denial of service assertion failure and server crash via crafted query packets. CVE-2015-5311 Impact There is no impact; F5 products are not affected by this vulnerability...
K55001100: glibc vulnerability CVE-2015-5180
Security Advisory Description resquery in libresolv in glibc before 2.25 allows remote attackers to cause a denial of service NULL pointer dereference and process crash. CVE-2015-5180 Impact For this vulnerability, an attacker must have local access to the system and know how to make the glibc...
K16940442: Java SE vulnerability CVE-2018-3136
Security Advisory Description Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Security. Supported versions that are affected are Java SE: 6u201, 7u191, 8u182 and 11; Java SE Embedded: 8u181. Difficult to exploit vulnerability allows unauthenticated attacke...
K15351: OpenSSL DTLS ChangeCipherSpec vulnerability CVE-2009-1386
Security Advisory Description ssl/s3pkt.c in OpenSSL before 0.9.8i allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via a DTLS ChangeCipherSpec packet that occurs before ClientHello. CVE-2009-1386 Impact None Security Advisory Status To determine if...
K45452200: Python-Pillow vulnerability CVE-2021-25287
Security Advisory Description An issue was discovered in Pillow before 8.2.0. There is an out-of-bounds read in J2kDecode, in j2kugrayala. CVE-2021-25287 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Product Development has evaluated th...
K17517: NTP vulnerability CVE-2015-7701
Security Advisory Description Memory leak in the CRYPTOASSOC function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service memory consumption. CVE-2015-7701 Impact An attacker could send packets tontpd that may, after several days of...
K15865: Apache HTTP server vulnerability CVE-2012-4558
Security Advisory Description Multiple cross-site scripting XSS vulnerabilities in the balancerhandler function in the manager interface in modproxybalancer.c in the modproxybalancer module in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject...
K15783: Kerberos vulnerability CVE-2013-1417
Security Advisory Description dotgsreq.c in the Key Distribution Center KDC in MIT Kerberos 5 aka krb5 1.11 before 1.11.4, when a single-component realm name is used, allows remote authenticated users to cause a denial of service daemon crash via a TGS-REQ request that triggers an attempted...
K15156: OpenSSH vulnerability CVE-2009-2904
Security Advisory Description A certain Red Hat modification to the ChrootDirectory feature in OpenSSH 4.8, as used in sshd in OpenSSH 4.3 in Red Hat Enterprise Linux RHEL 5.4 and Fedora 11, allows local users to gain privileges via hard links to setuid programs that use configuration files withi...
K05770600: Linux libuser vulnerability CVE-2015-3246
Security Advisory Description libuser before 0.56.13-8 and 0.60 before 0.60-7, as used in the userhelper program in the usermode package, directly modifies /etc/passwd, which allows local users to cause a denial of service inconsistent file state by causing an error during the modification. NOTE:...
K64208870: TMM vulnerability CVE-2018-15319
Security Advisory Description Malicious requests made to virtual servers with an HTTP profile can cause the TMM to restart. The issue is exposed with the non-default "normalize URI" configuration options used in iRules and/or BIG-IP LTM policies. CVE-2018-15319 Impact An attacker may be able to...
K51470205: Intel DAL vulnerability CVE-2019-0170
Security Advisory Description Buffer overflow in subsystem in IntelR DAL before version 12.0.35 may allow a privileged user to potentially enable escalation of privilege via local access. CVE-2019-0170 Impact Traffix SDC An attacker with local access to the system can exploit this vulnerability...
K30046854: Linux kernel vulnerability CVE-2019-19332
Security Advisory Description An out-of-bounds memory write issue was found in the Linux Kernel, version 3.13 through 5.4, in the way the Linux kernel's KVM hypervisor handled the 'KVMGETEMULATEDCPUID' ioctl2 request to get CPUID features emulated by the KVM hypervisor. A user or process able to...
K34041353: Linux kernel vulnerability CVE-2021-38202
Security Advisory Description fs/nfsd/trace.h in the Linux kernel before 5.13.4 might allow remote attackers to cause a denial of service out-of-bounds read in strlen by sending NFS traffic when the trace event framework is being used for nfsd. CVE-2021-38202 Impact There is no impact; F5 product...
K58502654: Linux kernel vulnerability CVE-2018-20961
Security Advisory Description In the Linux kernel before 4.16.4, a double free vulnerability in the fmidisetalt function of drivers/usb/gadget/function/fmidi.c in the fmidi driver may allow attackers to cause a denial of service or possibly have unspecified other impact. CVE-2018-20961 Impact The...
K34223526: Linux kernel vulnerability CVE-2018-14641
Security Advisory Description A security flaw was found in the ipfragreasm function in net/ipv4/ipfragment.c in the Linux kernel from 4.19-rc1 to 4.19-rc3 inclusive, which can cause a later system crash in ipdofragment. With certain non-default, but non-rare, configuration of a victim host, an...
K14601: BIND vulnerability CVE-2012-5689
Security Advisory Description ISC BIND 9.8.x through 9.8.4-P1 and 9.9.x through 9.9.2-P1, in certain configurations involving DNS64 with a Response Policy Zone that lacks an AAAA rewrite rule, allows remote attackers to cause a denial of service assertion failure and named daemon exit via a query...
K22541983: BIG-IP virtual servers with Client SSL and HTTP/2 or SPDY configured vulnerability CVE-2017-6163
Security Advisory Description In F5 BIG-IP LTM, AAM, AFM, APM, ASM, Link Controller, PEM, PSM software version 12.0.0 to 12.1.2, 11.6.0 to 11.6.1, 11.4.0 to 11.5.4, when a virtual server uses the standard configuration of HTTP/2 or SPDY profile with Client SSL profile, and the client initiates a...
K16366: GNU C Library (glibc) vulnerability CVE-2015-1472
Security Advisory Description stdio-common/vfscanf.c has an ADDW macro that tries to determine whether to use malloc or alloca for allocations. But in the malloc case, it only allocates newsize bytes instead of the required newsize sizeof CHART. Thus the allocated buffer gets overrun in the...
K14600: BIND vulnerability CVE-2013-3919
Security Advisory Description When resolver.c is configured in ISC BIND 9.8.5 before 9.8.5-P1, 9.9.3 before 9.9.3-P1, or 9.6-ESV-R9 before 9.6-ESV-R9-P1, remote attackers may cause a denial-of-service DoS when querying for a record in a malformed zone. CVE-2013-3919 Impact Remote attackers can...
K17386: vCMP DoS vulnerability CVE-2015-6546
Security Advisory Description An attacker sourcing malicious traffic from a network adjacent to the BIG-IP system may be able to cause a denial-of-service DoS condition on a vCMP host and the vCMP guests running on it. The vulnerability cannot be exploited outside of the local network segment or ...
K84583382: VMware Tools vulnerability CVE-2015-5191
Security Advisory Description VMware Tools prior to 10.0.9 contains multiple file system races in libDeployPkg, related to the use of hard-coded paths under /tmp. Successful exploitation of this issue may result in a local privilege escalation. CVE-2015-5191 Impact This vulnerability may allow a...
K15441: PHP vulnerability CVE-2011-1148
Security Advisory Description Use-after-free vulnerability in the substrreplace function in PHP 5.3.6 and earlier allows context-dependent attackers to cause a denial of service memory corruption or possibly have unspecified other impact by using the same variable for multiple arguments...
K73455417: obs-service-extract_file package vulnerability CVE-2016-4007
Security Advisory Description Multiple unspecified vulnerabilities in the obs-service-extractfile package before 0.3-5.1 in openSUSE Leap 42.1 and before 0.3-3.1 in openSUSE 13.2 allow attackers to execute arbitrary commands via a service definition, related to executing unzip with "illegal...
K74759095: SafeNet External Network HSM script vulnerability CVE-2017-6165
Security Advisory Description In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM, and WebSafe 11.5.1 HF6 through 11.5.4 HF4, 11.6.0 through 11.6.1 HF1, and 12.0.0 through 12.1.2 on VIPRION platforms only, the script which synchronizes SafeNet External Network HSM...
K15903: Multiple PHP vulnerabilities
Security Advisory Description Description CVE-2012-3365 The SQLite functionality in PHP before 5.3.15 allows remote attackers to bypass the openbasedir protection mechanism via unspecified vectors. CVE-2012-2329 Buffer overflow in the apacherequestheaders function in sapi/cgi/cgimain.c in PHP 5.4...
K09408132: glibc vulnerability CVE-2011-1659
Security Advisory Description Integer overflow in posix/fnmatch.c in the GNU C Library aka glibc or libc6 2.13 and earlier allows context-dependent attackers to cause a denial of service application crash via a long UTF8 string that is used in an fnmatch call with a crafted pattern argument, a...
K11091514: MySQL vulnerability CVE-2016-5626
Security Advisory Description Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to GIS. CVE-2016-5626 Impact There is no impact; F5 products are not affected by this...
K12130880: BIG-IP APM client for Linux and macOS vulnerability CVE-2018-15332
Security Advisory Description The svpn component of the F5 BIG-IP APM client prior to version 7.1.7.2 for Linux and macOS runs as a privileged process and can allow an unprivileged user to get ownership of files owned by root on the local client host in a race condition. CVE-2018-15332 Impact A...
K15784: Kerberos vulnerability CVE-2013-1418
Security Advisory Description The setupserverrealm function in main.c in the Key Distribution Center KDC in MIT Kerberos 5 aka krb5 before 1.10.7, when multiple realms are configured, allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via a crafted...
K12650: PHP vulnerability CVE-2010-4645
Security Advisory Description Note : For information about signing up to receive security notice updates from F5, refer to K9970: Subscribe to email notifications regarding F5 products and security announcements. Note : Versions that are not listed in this article have not been evaluated for...
K3279: Heap-based buffer overflow in mod_proxy - CAN-2004-0492
Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...
K43322910: Linux kernel vulnerability CVE-2017-6135
Security Advisory Description In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and WebSafe software version 13.0.0, a slow memory leak as a result of undisclosed IPv4 or IPv6 packets sent to BIG-IP management port or self IP addresses may lead to out of memory OOM...
K17248: OpenSSL vulnerability CVE-2010-0742
Security Advisory Description The Cryptographic Message Syntax CMS implementation in crypto/cms/cmsasn1.c in OpenSSL before 0.9.8o and 1.x before 1.0.0a does not properly handle structures that contain OriginatorInfo, which allows context-dependent attackers to modify invalid memory locations or...
K08421805: GStreamer vulnerability CVE-2016-9635
Security Advisory Description Heap-based buffer overflow in the flxdecodedeltafli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service application crash by providing a skip count that goes...
K68942513: Java vulnerability CVE-2013-5780
Security Advisory Description Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via...
K37111863: NodeJS vulnerability CVE-2018-12120
Security Advisory Description Node.js: All versions prior to Node.js 6.15.0: Debugger port 5858 listens on any interface by default: When the debugger is enabled with node --debug or node debug, it listens to port 5858 on all interfaces by default. This may allow remote computers to attach to the...