6401 matches found
K17551: Linux kernel vulnerability CVE-2014-9419
Security Advisory Description The switchto function in arch/x86/kernel/process64.c in the Linux kernel through 3.18.1 does not ensure that Thread Local Storage TLS descriptors are loaded before proceeding with other steps, which makes it easier for local users to bypass the ASLR protection...
K21274200: Linux kernel vulnerability CVE-2017-16914
Security Advisory Description The "stubsendretsubmit" function drivers/usb/usbip/stubtx.c in the Linux Kernel before version 4.14.8, 4.9.71, 4.1.49, and 4.4.107 allows attackers to cause a denial of service NULL pointer dereference via a specially crafted USB over IP packet. CVE-2017-16914 Impact...
K71522481: Java vulnerability CVE-2021-2163
Security Advisory Description Vulnerability in the Java SE, Java SE Embedded, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. Supported versions that are affected are Java SE: 7u291, 8u281, 11.0.10, 16; Java SE Embedded: 8u281; Oracle GraalVM Enterprise Edition:...
K20722197: Samba vulnerability CVE-2017-2619
Security Advisory Description Samba before versions 4.6.1, 4.5.7 and 4.4.11 are vulnerable to a malicious client using a symlink race to allow access to areas of the server file system not exported under the share definition. CVE-2017-2619 Impact There is no impact; F5 products are not affected b...
K24301698: TMUI XSS vulnerability CVE-2021-23027
Security Advisory Description A DOM based cross-site scripting XSS vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to execute JavaScript in the context of the currently logged-in user. CVE-2021-23027 Impact An attacker may exploit this...
K55518036: GO vulnerability CVE-2021-31525
Security Advisory Description net/http in Go before 1.15.12 and 1.16.x before 1.16.4 allows remote attackers to cause a denial of service panic via a large header to ReadRequest or ReadResponse. Server, Transport, and Client can each be affected in some configurations. CVE-2021-31525 Impact There...
K35925420: Intel software vulnerabilities CVE-2020-8754, CVE-2020-8757, CVE-2020-8760, CVE-2020-12356
Security Advisory Description CVE-2020-8754 Out-of-bounds read in subsystem for IntelR AMT, IntelR ISM versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may allow an unauthenticated user to potentially enable information disclosure via network access. CVE-2020-8757 Out-of-bounds re...
K72403108: tcpdump vulnerabilities CVE-2016-7926, CVE-2016-7932, and CVE-2016-7938
Security Advisory Description CVE-2016-7926 The Ethernet parser in tcpdump before 4.9.0 has a buffer overflow in print-ether.c:ethertypeprint. CVE-2016-7932 The PIM parser in tcpdump before 4.9.0 has a buffer overflow in print-pim.c:pimv2checkchecksum. CVE-2016-7938 The ZeroMQ parser in tcpdump...
K43084130: BIND vulnerability CVE-2018-5735
Security Advisory Description The Debian backport of the fix for CVE-2017-3137 leads to assertion failure in validator.c:1858; Affects Debian versions 9.9.5.dfsg-9+deb8u15; 9.9.5.dfsg-9+deb8u18; 9.10.3.dfsg.P4-12.3+deb9u5; 9.11.5.P4+dfsg-5.1 No ISC releases are affected. Other packages from other...
K53931245: BIG-IP SSL profile vulnerability CVE-2018-5524
Security Advisory Description Under certain conditions, virtual servers configured with Client SSL or Server SSL profiles that make use of network hardware security module HSM functionality are exposed and impacted by this issue. CVE-2018-5524 Impact Malformed Transport Layer Security TLS request...
K17528: NTP vulnerability CVE-2015-7850
Security Advisory Description ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to cause a denial of service infinite loop or crash by pointing the key file at the log file. CVE-2015-7850 Impact Under certain specific conditions, an attacker can send a se...
K20134942: SSL Forward Proxy vulnerability CVE-2018-5527
Security Advisory Description A remote attacker using undisclosed methods against virtual servers configured with a Client SSL or Server SSL profile that has the SSL Forward Proxy feature enabled can force the Traffic Management Microkernel TMM to leak memory. As a result, system memory usage...
K58235223: BIG-IP APM access policy vulnerability CVE-2022-35245
Security Advisory Description When a BIG-IP APM access policy is configured on a virtual server, undisclosed traffic can cause the Traffic Management Microkernel TMM to terminate. CVE-2022-35245 Impact Traffic is disrupted while TMM restarts. This vulnerability allows an attacker to cause a...
K61186963: cURL vulnerability CVE-2020-8285
Security Advisory Description curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing. CVE-2020-8285 Impact A malicious FTP server can trigger a stack overflow and cause a denial-of-service DoS on the F5 product that ...
K71080411: Linux kernel vulnerability CVE-2021-4155
Security Advisory Description A data leak flaw was found in the way XFSIOCALLOCSP IOCTL in the XFS filesystem allowed for size increase of files with unaligned size. A local attacker could use this flaw to leak data on the XFS filesystem otherwise not accessible to them. CVE-2021-4155 Impact Ther...
K01587042: BIG-IP SPDY and HTTP/2 profile vulnerability CVE-2016-7475
Security Advisory Description Under some circumstances, the Traffic Management Microkernel TMM may not properly clean-up pool member network connections when using SPDY or HTTP/2 virtual server profiles. CVE-2016-7475 Impact In many cases, the pool members will tear down these network connections...
K68785753: ImageMagick vulnerability CVE-2015-8898
Security Advisory Description The WriteImages function in magick/constitute.c in ImageMagick before 6.9.2-4 allows remote attackers to cause a denial of service NULL pointer dereference via a crafted image file. CVE-2015-8898 Impact BIG-IP systems that use a WebAcceleration profile configured wit...
K97285349: XSS vulnerability in the BIG-IP and Enterprise Manager Configuration utilities CVE-2016-7469
Security Advisory Description A stored cross-site scripting XSS vulnerability in the BIG-IP Configuration utility device name change page allows an authenticated user to inject arbitrary web script or HTML. Exploitation requires Resource Administrator or Administrator privileges, and it could cau...
K46401178: BIG-IP Configuration utility vulnerability CVE-2019-6599
Security Advisory Description Improper escaping of values in an undisclosed page of the BIG-IP Configuration utility may result in an improper handling on the JSON response when it is injected by a malicious script through a remote cross-site scripting XSS attack. CVE-2019-6599 Impact BIG-IP and...
K68609614: Linux kernel vulnerability CVE-2011-0699
Security Advisory Description Integer signedness error in the btrfsioctlspaceinfo function in the Linux kernel 2.6.37 allows local users to cause a denial of service heap-based buffer overflow or possibly have unspecified other impact via a crafted slot value. CVE-2011-0699 Impact There is no...
K31211252: glibc vulnerability CVE-2014-9761
Security Advisory Description Multiple stack-based buffer overflows in the GNU C Library aka glibc or libc6 before 2.23 allow context-dependent attackers to cause a denial of service application crash or possibly execute arbitrary code via a long argument to the 1 nan, 2 nanf, or 3 nanl function...
K62602089: Binutils vulnerabilities CVE-2018-20002 and CVE-2018-20657
Security Advisory Description CVE-2018-20002 The bfdgenericreadminisymbols function in syms.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.31, has a memory leak via a crafted ELF file, leading to a denial of service memory consumption, as demonstrated by...
K31573032: Tomcat vulnerability CVE-2020-13943
Security Advisory Description If an HTTP/2 client connecting to Apache Tomcat 10.0.0-M1 to 10.0.0-M7, 9.0.0.M1 to 9.0.37 or 8.5.0 to 8.5.57 exceeded the agreed maximum number of concurrent streams for a connection in violation of the HTTP/2 protocol, it was possible that a subsequent request made...
K56061418: glibc vulnerability CVE-2016-6323
Security Advisory Description The makecontext function in the GNU C Library aka glibc or libc6 before 2.25 creates execution contexts incompatible with the unwinder on ARM EABI 32-bit platforms, which might allow context-dependent attackers to cause a denial of service hang, as demonstrated by...
K16016: Linux kernel SCTP vulnerability CVE-2014-7841
Security Advisory Description The sctpprocessparam function in net/sctp/smmakechunk.c in the SCTP implementation in the Linux kernel before 3.17.4, when ASCONF is used, allows remote attackers to cause a denial of service NULL pointer dereference and system crash via a malformed INIT chunk...
K95444512: TMM SSO plugin vulnerability CVE-2016-7467
Security Advisory Description The TMM SSO plugin in F5 BIG-IP APM 12.0.0 - 12.1.1, 11.6.0 - 11.6.1 HF1, 11.5.4 - 11.5.4 HF2, when configured as a SAML Identity Provider with a Service Provider SP connector, might allow traffic to be disrupted or failover initiated when a malformed, signed SAML...
K10196624: libcurl vulnerability CVE-2016-8618
Security Advisory Description The libcurl API function called curlmaprintf before version 7.51.0 can be tricked into doing a double-free due to an unsafe sizet multiplication, on systems using 32 bit sizet variables. CVE-2016-8618 Impact A custom monitor or script that calls the curl command may...
K70949911: Glib vulnerability CVE-2019-14822
Security Advisory Description A flaw was discovered in ibus in versions before 1.5.22 that allows any unprivileged user to monitor and send method calls to the ibus bus of another user due to a misconfiguration in the DBus server setup. A local attacker may use this flaw to intercept all keystrok...
K75042242: QEMU 4.0 vulnerability CVE-2019-12155
Security Advisory Description interfacereleaseresource in hw/display/qxl.c in QEMU 4.0.0 has a NULL pointer dereference. CVE-2019-12155 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Product Development has evaluated the currently...
K43877335: Intel software vulnerabilities CVE-2020-8751, CVE-2020-8755, CVE-2020-8761, CVE-2020-12303
Security Advisory Description CVE-2020-8751 Insufficient control flow management in subsystem for IntelR CSME versions before 11.8.80, IntelR TXE versions before 3.1.80 may allow an unauthenticated user to potentially enable information disclosure via physical access. CVE-2020-8755 Race condition...
K35246595: libarchive vulnerability CVE-2016-5418
Security Advisory Description The sandboxing code in libarchive 3.2.0 and earlier mishandles hardlink archive entries of non-zero data size, which might allow remote attackers to write to arbitrary files via a crafted archive file. CVE-2016-5418 Impact BIG-IP On BIG-IP and VIPRION platforms that...
K17169: Java vulnerability CVE-2015-2625
Security Advisory Description Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JRockit R28.3.6; and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via vectors related to JSSE. CVE-2015-2625 Impact Confidentiality is affected when exploited by...
K39250133: glibc vulnerability CVE-2015-8779
Security Advisory Description Stack-based buffer overflow in the catopen function in the GNU C Library aka glibc or libc6 before 2.23 allows context-dependent attackers to cause a denial of service application crash or possibly execute arbitrary code via a long catalog name. CVE-2015-8779 Impact ...
K17130: Linux kernel vulnerability CVE-2015-1420
Security Advisory Description Race condition in the handletopath function in fs/fhandle.c in the Linux kernel through 3.19.1 allows local users to bypass intended size restrictions and trigger read operations on additional memory locations by changing the handlebytes value of a file handle during...
K16830: Linux vulnerability CVE-2014-8171
Security Advisory Description It was found that the Linux kernel memory resource controller's memcg handling of OOM out of memory conditions could lead to deadlocks. An attacker able to continuously spawn new processes within a single memory-constrained cgroup during an OOM event could use this...
K37540306: Mozilla Network Security Services use-after-free vulnerability CVE-2016-1978
Security Advisory Description Use-after-free vulnerability in the ssl3HandleECDHServerKeyExchange function in Mozilla Network Security Services NSS before 3.21, as used in Mozilla Firefox before 44.0, allows remote attackers to cause a denial of service or possibly have unspecified other impact b...
K81601350: BIG-IP PEM vulnerability CVE-2017-6144
Security Advisory Description When downloading the Type Allocation Code TAC database file via HTTPS, the server's certificate is not verified. Attackers in a privileged network position may be able to launch a man-in-the-middle attack against these connections. TAC databases are used in BIG-IP PE...
K77241314: Python vulnerability CVE-2013-7440
Security Advisory Description The ssl.matchhostname function in CPython aka Python before 2.7.9 and 3.x before 3.3.3 does not properly handle wildcards in hostnames, which might allow man-in-the-middle attackers to spoof servers via a crafted certificate. CVE-2013-7440 Impact There is no impact; ...
K15735: SMB vulnerability CVE-2014-7145
Security Advisory Description The SMB2tcon function in fs/cifs/smb2pdu.c in the Linux kernel before 3.16.3 allows remote CIFS servers to cause a denial of service NULL pointer dereference and client system crash or possibly have unspecified other impact by deleting the IPC$ share during resolutio...
K15478: PHP vulnerability CVE-2012-2386
Security Advisory Description Integer overflow in the pharparsetarfile function in tar.c in the phar extension in PHP before 5.3.14 and 5.4.x before 5.4.4 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted tar file that triggers...
K31130692: GNU Guile vulnerabilities CVE-2016-8605 and CVE-2016-8606
Security Advisory Description CVE-2016-8605 The mkdir procedure of GNU Guile temporarily changed the process umask to zero. During that time window, in a multithreaded application, other threads could end up creating files with insecure permissions. For example, mkdir without the optional mode...
K17212: PHP vulnerability CVE-2014-5459
Security Advisory Description The PEARREST class in REST.php in PEAR in PHP through 5.6.0 allows local users to write to arbitrary files via a symlink attack on a 1 rest.cachefile or 2 rest.cacheid file in /tmp/pear/cache/, related to the retrieveCacheFirst and useLocalCache functions...
K25901386: GRUB2 vulnerability CVE-2015-8370
Security Advisory Description Multiple integer underflows in Grub2 1.98 through 2.02 allow physically proximate attackers to bypass authentication, obtain sensitive information, or cause a denial of service disk corruption via backspace characters in the 1 grubusernameget function in...
K53445000: BIND vulnerability CVE-2015-8704
Security Advisory Description apl42.c in ISC BIND 9.x before 9.9.8-P3, 9.9.x, and 9.10.x before 9.10.3-P3 allows remote authenticated users to cause a denial of service INSIST assertion failure and daemon exit via a malformed Address Prefix List APL record. CVE-2015-8704 Impact The BIND named...
K14734: Apache HTTP server vulnerability CVE-2013-2249
Security Advisory Description modsessiondbd.c in the modsessiondbd module in the Apache HTTP Server before 2.4.5 proceeds with save operations for a session without considering the dirty flag and the requirement for a new session ID, which has unspecified impact and remote attack vectors...
K12055286: Intel CPU vulnerability CVE-2021-33060
Security Advisory Description Out-of-bounds write in the BIOS firmware for some IntelR Processors may allow an authenticated user to potentially enable escalation of privilege via local access. CVE-2021-33060 Impact This vulnerability may allow an authenticated local user to potentially enable...
SOL68785753 - ImageMagick vulnerability CVE-2015-8898
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL21284031 - GnuPG vulnerability CVE-2014-4617
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...
SOL14510263 - IPv6 Neighbor Discovery crafted packet vulnerability CVE-2016-1409
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
SOL82644737 - NTP vulnerability CVE-2016-4954
Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...