6398 matches found
K45452200: Python-Pillow vulnerability CVE-2021-25287
Security Advisory Description An issue was discovered in Pillow before 8.2.0. There is an out-of-bounds read in J2kDecode, in j2kugrayala. CVE-2021-25287 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Product Development has evaluated th...
K17517: NTP vulnerability CVE-2015-7701
Security Advisory Description Memory leak in the CRYPTOASSOC function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service memory consumption. CVE-2015-7701 Impact An attacker could send packets tontpd that may, after several days of...
K15865: Apache HTTP server vulnerability CVE-2012-4558
Security Advisory Description Multiple cross-site scripting XSS vulnerabilities in the balancerhandler function in the manager interface in modproxybalancer.c in the modproxybalancer module in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject...
K15156: OpenSSH vulnerability CVE-2009-2904
Security Advisory Description A certain Red Hat modification to the ChrootDirectory feature in OpenSSH 4.8, as used in sshd in OpenSSH 4.3 in Red Hat Enterprise Linux RHEL 5.4 and Fedora 11, allows local users to gain privileges via hard links to setuid programs that use configuration files withi...
K15150: cURL and libcurl vulnerability CVE-2013-4545
Security Advisory Description cURL and libcurl 7.18.0 through 7.32.0, when built with OpenSSL, disables the certificate CN and SAN name field verification CURLOPTSSLVERIFYHOST when the digital signature verification CURLOPTSSLVERIFYPEER is disabled, which allows man-in-the-middle attackers to spo...
K05770600: Linux libuser vulnerability CVE-2015-3246
Security Advisory Description libuser before 0.56.13-8 and 0.60 before 0.60-7, as used in the userhelper program in the usermode package, directly modifies /etc/passwd, which allows local users to cause a denial of service inconsistent file state by causing an error during the modification. NOTE:...
K64208870: TMM vulnerability CVE-2018-15319
Security Advisory Description Malicious requests made to virtual servers with an HTTP profile can cause the TMM to restart. The issue is exposed with the non-default "normalize URI" configuration options used in iRules and/or BIG-IP LTM policies. CVE-2018-15319 Impact An attacker may be able to...
K51470205: Intel DAL vulnerability CVE-2019-0170
Security Advisory Description Buffer overflow in subsystem in IntelR DAL before version 12.0.35 may allow a privileged user to potentially enable escalation of privilege via local access. CVE-2019-0170 Impact Traffix SDC An attacker with local access to the system can exploit this vulnerability...
K44110411: BIG-IP SIP ALG vulnerability CVE-2022-23025
Security Advisory Description When a SIP ALG profile is configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel TMM to terminate. CVE-2022-23025 Impact Traffic is disrupted while the TMM process restarts. This vulnerability allows an unauthenticated remot...
K30046854: Linux kernel vulnerability CVE-2019-19332
Security Advisory Description An out-of-bounds memory write issue was found in the Linux Kernel, version 3.13 through 5.4, in the way the Linux kernel's KVM hypervisor handled the 'KVMGETEMULATEDCPUID' ioctl2 request to get CPUID features emulated by the KVM hypervisor. A user or process able to...
K89434121: Linux kernel vulnerability CVE-2017-12193
Security Advisory Description The assocarrayinsertintoterminalnode function in lib/assocarray.c in the Linux kernel before 4.13.11 mishandles node splitting, which allows local users to cause a denial of service NULL pointer dereference and panic via a crafted application, as demonstrated by the...
K34041353: Linux kernel vulnerability CVE-2021-38202
Security Advisory Description fs/nfsd/trace.h in the Linux kernel before 5.13.4 might allow remote attackers to cause a denial of service out-of-bounds read in strlen by sending NFS traffic when the trace event framework is being used for nfsd. CVE-2021-38202 Impact There is no impact; F5 product...
K58502654: Linux kernel vulnerability CVE-2018-20961
Security Advisory Description In the Linux kernel before 4.16.4, a double free vulnerability in the fmidisetalt function of drivers/usb/gadget/function/fmidi.c in the fmidi driver may allow attackers to cause a denial of service or possibly have unspecified other impact. CVE-2018-20961 Impact The...
K34223526: Linux kernel vulnerability CVE-2018-14641
Security Advisory Description A security flaw was found in the ipfragreasm function in net/ipv4/ipfragment.c in the Linux kernel from 4.19-rc1 to 4.19-rc3 inclusive, which can cause a later system crash in ipdofragment. With certain non-default, but non-rare, configuration of a victim host, an...
K23134279: Node.js vulnerability CVE-2016-2216
Security Advisory Description The HTTP header parsing code in Node.js 0.10.x before 0.10.42, 0.11.6 through 0.11.16, 0.12.x before 0.12.10, 4.x before 4.3.0, and 5.x before 5.6.0 allows remote attackers to bypass an HTTP response-splitting protection mechanism via UTF-8 encoded Unicode characters...
K14601: BIND vulnerability CVE-2012-5689
Security Advisory Description ISC BIND 9.8.x through 9.8.4-P1 and 9.9.x through 9.9.2-P1, in certain configurations involving DNS64 with a Response Policy Zone that lacks an AAAA rewrite rule, allows remote attackers to cause a denial of service assertion failure and named daemon exit via a query...
K22541983: BIG-IP virtual servers with Client SSL and HTTP/2 or SPDY configured vulnerability CVE-2017-6163
Security Advisory Description In F5 BIG-IP LTM, AAM, AFM, APM, ASM, Link Controller, PEM, PSM software version 12.0.0 to 12.1.2, 11.6.0 to 11.6.1, 11.4.0 to 11.5.4, when a virtual server uses the standard configuration of HTTP/2 or SPDY profile with Client SSL profile, and the client initiates a...
K16366: GNU C Library (glibc) vulnerability CVE-2015-1472
Security Advisory Description stdio-common/vfscanf.c has an ADDW macro that tries to determine whether to use malloc or alloca for allocations. But in the malloc case, it only allocates newsize bytes instead of the required newsize sizeof CHART. Thus the allocated buffer gets overrun in the...
K14600: BIND vulnerability CVE-2013-3919
Security Advisory Description When resolver.c is configured in ISC BIND 9.8.5 before 9.8.5-P1, 9.9.3 before 9.9.3-P1, or 9.6-ESV-R9 before 9.6-ESV-R9-P1, remote attackers may cause a denial-of-service DoS when querying for a record in a malformed zone. CVE-2013-3919 Impact Remote attackers can...
K17386: vCMP DoS vulnerability CVE-2015-6546
Security Advisory Description An attacker sourcing malicious traffic from a network adjacent to the BIG-IP system may be able to cause a denial-of-service DoS condition on a vCMP host and the vCMP guests running on it. The vulnerability cannot be exploited outside of the local network segment or ...
K16505: NTP vulnerability CVE-2015-1798
Security Advisory Description The symmetric-key feature in the receive function in ntpproto.c in ntpd in NTP 4.x before 4.2.8p2 requires a correct MAC only if the MAC field has a nonzero length, which makes it easier for man-in-the-middle attackers to spoof packets by omitting the MAC...
K84583382: VMware Tools vulnerability CVE-2015-5191
Security Advisory Description VMware Tools prior to 10.0.9 contains multiple file system races in libDeployPkg, related to the use of hard-coded paths under /tmp. Successful exploitation of this issue may result in a local privilege escalation. CVE-2015-5191 Impact This vulnerability may allow a...
K30409575: ISC DHCP vulnerability CVE-2016-2774
Security Advisory Description ISC DHCP 4.1.x before 4.1-ESV-R13 and 4.2.x and 4.3.x before 4.3.4 does not restrict the number of concurrent TCP sessions, which allows remote attackers to cause a denial of service INSIST assertion failure or request-processing outage by establishing many sessions...
K15441: PHP vulnerability CVE-2011-1148
Security Advisory Description Use-after-free vulnerability in the substrreplace function in PHP 5.3.6 and earlier allows context-dependent attackers to cause a denial of service memory corruption or possibly have unspecified other impact by using the same variable for multiple arguments...
K73455417: obs-service-extract_file package vulnerability CVE-2016-4007
Security Advisory Description Multiple unspecified vulnerabilities in the obs-service-extractfile package before 0.3-5.1 in openSUSE Leap 42.1 and before 0.3-3.1 in openSUSE 13.2 allow attackers to execute arbitrary commands via a service definition, related to executing unzip with "illegal...
K74759095: SafeNet External Network HSM script vulnerability CVE-2017-6165
Security Advisory Description In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM, and WebSafe 11.5.1 HF6 through 11.5.4 HF4, 11.6.0 through 11.6.1 HF1, and 12.0.0 through 12.1.2 on VIPRION platforms only, the script which synchronizes SafeNet External Network HSM...
K16912: BIND vulnerability CVE-2015-4620
Security Advisory Description name.c in named in ISC BIND 9.7.x through 9.9.x before 9.9.7-P1 and 9.10.x before 9.10.2-P2, when configured as a recursive resolver with DNSSEC validation, allows remote attackers to cause a denial of service REQUIRE assertion failure and daemon exit by constructing...
K15903: Multiple PHP vulnerabilities
Security Advisory Description Description CVE-2012-3365 The SQLite functionality in PHP before 5.3.15 allows remote attackers to bypass the openbasedir protection mechanism via unspecified vectors. CVE-2012-2329 Buffer overflow in the apacherequestheaders function in sapi/cgi/cgimain.c in PHP 5.4...
K11091514: MySQL vulnerability CVE-2016-5626
Security Advisory Description Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to GIS. CVE-2016-5626 Impact There is no impact; F5 products are not affected by this...
K09408132: glibc vulnerability CVE-2011-1659
Security Advisory Description Integer overflow in posix/fnmatch.c in the GNU C Library aka glibc or libc6 2.13 and earlier allows context-dependent attackers to cause a denial of service application crash via a long UTF8 string that is used in an fnmatch call with a crafted pattern argument, a...
K12130880: BIG-IP APM client for Linux and macOS vulnerability CVE-2018-15332
Security Advisory Description The svpn component of the F5 BIG-IP APM client prior to version 7.1.7.2 for Linux and macOS runs as a privileged process and can allow an unprivileged user to get ownership of files owned by root on the local client host in a race condition. CVE-2018-15332 Impact A...
K15784: Kerberos vulnerability CVE-2013-1418
Security Advisory Description The setupserverrealm function in main.c in the Key Distribution Center KDC in MIT Kerberos 5 aka krb5 before 1.10.7, when multiple realms are configured, allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via a crafted...
K15785: Kerberos vulnerability CVE-2013-6800
Security Advisory Description An unspecified third-party database module for the Key Distribution Center KDC in MIT Kerberos 5 aka krb5 1.10.x allows remote authenticated users to cause a denial of service NULL pointer dereference and daemon crash via a crafted request, a different vulnerability...
K3279: Heap-based buffer overflow in mod_proxy - CAN-2004-0492
Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...
K16285: OpenSSL vulnerability CVE-2012-2110
Security Advisory Description The asn1d2ireadbio function in crypto/asn1/ad2ifp.c in OpenSSL before 0.9.8v, 1.0.0 before 1.0.0i, and 1.0.1 before 1.0.1a does not properly interpret integer data, which allows remote attackers to conduct buffer overflow attacks, and cause a denial of service memory...
K15358: OpenSSL vulnerability CVE-2009-0590
Security Advisory Description The ASN1STRINGprintex function in OpenSSL before 0.9.8k allows remote attackers to cause a denial of service invalid memory access and application crash via vectors that trigger printing of a 1 BMPString or 2 UniversalString with an invalid encoded length...
K43322910: Linux kernel vulnerability CVE-2017-6135
Security Advisory Description In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and WebSafe software version 13.0.0, a slow memory leak as a result of undisclosed IPv4 or IPv6 packets sent to BIG-IP management port or self IP addresses may lead to out of memory OOM...
K17248: OpenSSL vulnerability CVE-2010-0742
Security Advisory Description The Cryptographic Message Syntax CMS implementation in crypto/cms/cmsasn1.c in OpenSSL before 0.9.8o and 1.x before 1.0.0a does not properly handle structures that contain OriginatorInfo, which allows context-dependent attackers to modify invalid memory locations or...
K08421805: GStreamer vulnerability CVE-2016-9635
Security Advisory Description Heap-based buffer overflow in the flxdecodedeltafli function in gst/flx/gstflxdec.c in the FLIC decoder in GStreamer before 1.10.2 allows remote attackers to execute arbitrary code or cause a denial of service application crash by providing a skip count that goes...
K15345: GnuTLS vulnerability CVE-2014-3466
Security Advisory Description Buffer overflow in the readserverhello function in lib/gnutlshandshake.c in GnuTLS before 3.1.25, 3.2.x before 3.2.15, and 3.3.x before 3.3.4 allows remote servers to cause a denial of service memory corruption or possibly execute arbitrary code via a long session id...
K68942513: Java vulnerability CVE-2013-5780
Security Advisory Description Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via...
K37111863: NodeJS vulnerability CVE-2018-12120
Security Advisory Description Node.js: All versions prior to Node.js 6.15.0: Debugger port 5858 listens on any interface by default: When the debugger is enabled with node --debug or node debug, it listens to port 5858 on all interfaces by default. This may allow remote computers to attach to the...
K47605350: MySQL vulnerability CVE-2016-5631
Security Advisory Description Unspecified vulnerability in Oracle MySQL 5.7.13 and earlier allows remote administrators to affect availability via vectors related to Server: Memcached. CVE-2016-5631 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory...
K36784855: Apache Tomcat vulnerability CVE-2016-0762
Security Advisory Description The Realm implementations in Apache Tomcat versions 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 did not process the supplied password if the supplied user name did not exist. This made a timing attack possible to...
K04327352: Multiple MySQL data manipulation language vulnerabilities
Security Advisory Description CVE-2017-3634 Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: DML. Supported versions that are affected are 5.6.36 and earlier and 5.7.18 and earlier. Easily exploitable vulnerability allows low privileged attacker with network acces...
K29814751: Intel AMT vulnerabilities CVE-2020-0537, CVE-2020-0538, and CVE-2020-0540
Security Advisory Description CVE-2020-0537 Improper input validation in subsystem for IntelR AMT versions before 11.8.77, 11.12.77, 11.22.77 and 12.0.64 may allow a privileged user to potentially enable denial of service via network access. CVE-2020-0538 Improper input validation in subsystem fo...
K06015902: Intel AMT vulnerabilities CVE-2020-0531, CVE-2020-0532, and CVE-2020-0535
Security Advisory Description CVE-2020-0531 Improper input validation in IntelR AMT versions before 11.8.77, 11.12.77, 11.22.77 and 12.0.64 may allow an authenticated user to potentially enable information disclosure via network access. CVE-2020-0532 Improper input validation in subsystem for...
K50112422: Linux kernel vulnerability CVE-2020-11884
Security Advisory Description In the Linux kernel through 5.6.7 on the s390 platform, code execution may occur because of a race condition, as demonstrated by code in enablesacfuaccess in arch/s390/lib/uaccess.c that fails to protect against a concurrent page table upgrade, aka CID-3f777e19d171. ...
K51197241: ICU vulnerability CVE-2020-10531
Security Advisory Description An issue was discovered in International Components for Unicode ICU for C/C++ through 66.1. An integer overflow, leading to a heap-based buffer overflow, exists in the UnicodeString::doAppend function in common/unistr.cpp. CVE-2020-10531 Impact There is no impact; F5...
K15551553: OpenSSL vulnerability CVE-2017-3730
Security Advisory Description In OpenSSL 1.1.0 before 1.1.0d, if a malicious server supplies bad parameters for a DHE or ECDHE key exchange then this can result in the client attempting to dereference a NULL pointer leading to a client crash. This could be exploited in a Denial of Service attack...