6396 matches found
K000140108: NGINX Plus MQTT vulnerability CVE-2024-39792
Security Advisory Description When NGINX Plus is configured to use the MQTT filter module, undisclosed requests can cause an increase in memory resource utilization. CVE-2024-39792 Impact System performance can degrade until the NGINX master and worker processes are either forced to restart or ar...
K000139880: Intel CPU/BIOS vulnerabilities CVE-2023-28402, CVE-2023-27504, and CVE-2023-28383
Security Advisory Description CVE-2023-28402 Improper input validation in some IntelR BIOS Guard firmware may allow a privileged user to potentially enable escalation of privilege via local access. CVE-2023-27504 Improper conditions check in some IntelR BIOS Guard firmware may allow a privileged...
K000139684: AMD processors vulnerability CVE-2023-20569
Security Advisory Description A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled address, potentially leading to information disclosure. CVE-2023-20569 Impact The...
K000139680: MySQL2 vulnerability CVE-2024-21508
Security Advisory Description Versions of the package mysql2 before 3.9.4 are vulnerable to Remote Code Execution RCE via the readCodeFor function due to improper validation of the supportBigNumbers and bigNumberStrings values. CVE-2024-21508 Impact There is no impact; F5 products are not affecte...
K000138726: Linux kernel vulnerability CVE-2023-3611
Security Advisory Description An out-of-bounds write vulnerability in the Linux kernel's net/sched: schqfq component can be exploited to achieve local privilege escalation. The qfqchangeagg function in net/sched/schqfq.c allows an out-of-bounds write because lmax is updated according to packet...
K000138114: open-vm-tools vulnerability CVE-2023-34058
Security Advisory Description VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor that has been granted Guest Operation Privileges https : //docs . vmware . com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html in a target virtu...
K000137875: PostGreSQL vulnerability CVE-2018-1058
Security Advisory Description A flaw was found in the way Postgresql allowed a user to modify the behavior of a query for other users. An attacker with a user account could use this flaw to execute code with the permissions of superuser in the database. Versions 9.3 through 10 are affected...
K000137202: Intel BIOS vulnerability CVE-2022-38083
Security Advisory Description Improper initialization in the BIOS firmware for some IntelR Processors may allow a privileged user to potentially enable information disclosure via local access CVE-2022-38083. Impact There is no impact; F5 products are not affected by this vulnerability. F5...
K000136185: BIG-IP Edge Client for macOS vulnerability CVE-2023-43611
Security Advisory Description The BIG-IP Edge Client Installer on macOS does not follow best practices for elevating privileges during the installation process. CVE-2023-43611 Note : This vulnerability is due to an incomplete fix for CVE-2023-38418. Impact An attacker with an ability to run...
K000136903: OpenSSL Diffie-Hellman vulnerability CVE-2023-3446
Security Advisory Description Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DHcheck, DHcheckex or EVPPKEYparamcheck to check a DH key or DH parameters may experience long delays. Where the key or parameters tha...
K000136153: cURL vulnerability CVE-2023-23914
Security Advisory Description A cleartext transmission of sensitive information vulnerability exists in curl. CVE-2023-23914 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Product Development has evaluated the currently supported release...
K000134770: Linux kernel vulnerability CVE-2022-42703
Security Advisory Description mm/rmap.c in the Linux kernel before 5.19.7 has a use-after-free related to leaf anonvma double reuse. CVE-2022-42703 Impact This vulnerability allows a local attacker to cause a denial-of-service DoS on the Traffix SDC system. Security Advisory Status F5 Product...
K000133759: Python vulnerability CVE-2020-26116
Security Advisory Description http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of...
K000134500: Spring Framework vulnerability CVE-2023-20860
Security Advisory Description Spring Framework running version 6.0.0 - 6.0.6 or 5.3.0 - 5.3.25 using "" as a pattern in Spring Security configuration with the mvcRequestMatcher creates a mismatch in pattern matching between Spring Security and Spring MVC, and the potential for a security bypass...
K000133752: OpenSSL vulnerability CVE-2023-1255
Security Advisory Description Issue summary: The AES-XTS cipher decryption implementation for 64 bit ARM platform contains a bug that could cause it to read past the input buffer, leading to a crash. Impact summary: Applications that use the AES-XTS algorithm on the 64 bit ARM platform can crash ...
K000133633: Intel BIOS firmware vulnerability CVE-2022-32231
Security Advisory Description Improper initialization in the BIOS firmware for some IntelR Processors may allow a privileged user to potentially enable escalation of privilege via local access. CVE-2022-32231 Impact This vulnerability may allow a privileged user to potentially enable escalation o...
K000132725: FasterXML vulnerability CVE-2022-42004
Security Advisory Description In FasterXML jackson-databind before 2.13.4, resource exhaustion can occur because of a lack of a check in BeanDeserializer.deserializeFromArray to prevent use of deeply nested arrays. An application is vulnerable only with certain customized choices for...
K000132764: SSL Certificates in Mozilla vulnerability CVE-2022-23491
Security Advisory Description Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi 2022.12.07 removes root certificates from "TrustCor" from the root store. These are in the process of being...
K52521791: vCMP Cavium Nitrox SSL hardware accelerator vulnerability CVE-2018-5507
Security Advisory Description vCMP guests running on VIPRION 2100, 4200 and 4300 series blades cannot correctly decrypt ciphertext from established SSL sessions with small MTU. CVE-2018-5507 Impact BIG-IP The affected SSL connections are terminated unexpectedly. ARX / BIG-IQ / Enterprise Manager ...
K11772107: BIG-IP and BIG-IQ cloud image vulnerability CVE-2016-2084
Security Advisory Description There is an issue with regenerating certificates and keys when deploying BIG-IP and BIG-IQ cloud images in Amazon Web Services AWS, Azure or Verizon cloud services environments. CVE-2016-2084 Note : CVE-2016-2084 impacts only BIG-IP or BIG-IQ AWS, Azure, or Verizon...
K14118520: MySQL vulnerabilities CVE-2019-2752, CVE-2019-2755, CVE-2019-2757, CVE-2019-2758, and CVE-2019-2774
Security Advisory Description CVE-2019-2752 Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Options. Supported versions that are affected are 8.0.16 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple...
K15359: OpenSSL vulnerability CVE-2009-1378
Security Advisory Description Multiple memory leaks in the dtls1processoutofseqmessage function in ssl/d1both.c in OpenSSL 0.9.8k and earlier 0.9.8 versions allow remote attackers to cause a denial of service memory consumption via DTLS records that 1 are duplicates or 2 have sequence numbers muc...
K14930: PHP vulnerability CVE-2011-4718
Security Advisory Description Session fixation vulnerability in the Sessions subsystem in PHP before 5.5.2 allows remote attackers to hijack web sessions by specifying a session ID. CVE-2011-4718 Impact None Security Advisory Status To determine if your release is known to be vulnerable, the...
K45452200: Python-Pillow vulnerability CVE-2021-25287
Security Advisory Description An issue was discovered in Pillow before 8.2.0. There is an out-of-bounds read in J2kDecode, in j2kugrayala. CVE-2021-25287 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Product Development has evaluated th...
K94010578: tcpdump vulnerabilities CVE-2016-7940, CVE-2016-7973, CVE-2016-7974, CVE-2016-7983, and CVE-2016-7984
Security Advisory Description CVE-2016-7940 The STP parser in tcpdump before 4.9.0 has a buffer overflow in print-stp.c, multiple functions. CVE-2016-7973 The AppleTalk parser in tcpdump before 4.9.0 has a buffer overflow in print-atalk.c, multiple functions. CVE-2016-7974 The IP parser in tcpdum...
K41704442: Reflected XSS vulnerability in an undisclosed Configuration utility page CVE-2018-15315
Security Advisory Description A reflected Cross-Site Scripting XSS vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to execute JavaScript in the context of the current logged-in user. CVE-2018-15315 Impact BIG-IP A remote unauthenticated...
K17517: NTP vulnerability CVE-2015-7701
Security Advisory Description Memory leak in the CRYPTOASSOC function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service memory consumption. CVE-2015-7701 Impact An attacker could send packets tontpd that may, after several days of...
K15783: Kerberos vulnerability CVE-2013-1417
Security Advisory Description dotgsreq.c in the Key Distribution Center KDC in MIT Kerberos 5 aka krb5 1.11 before 1.11.4, when a single-component realm name is used, allows remote authenticated users to cause a denial of service daemon crash via a TGS-REQ request that triggers an attempted...
K15156: OpenSSH vulnerability CVE-2009-2904
Security Advisory Description A certain Red Hat modification to the ChrootDirectory feature in OpenSSH 4.8, as used in sshd in OpenSSH 4.3 in Red Hat Enterprise Linux RHEL 5.4 and Fedora 11, allows local users to gain privileges via hard links to setuid programs that use configuration files withi...
K61420264: Linux kernel vulnerability CVE-2015-8830
Security Advisory Description Integer overflow in the aiosetupsinglevector function in fs/aio.c in the Linux kernel 4.0 allows local users to cause a denial of service or possibly have unspecified other impact via a large AIO iovec. NOTE: this vulnerability exists because of a CVE-2012-6701...
K55655944: BIG-IP Engineering Hotfix authentication bypass vulnerability CVE-2019-6675
Security Advisory Description BIG-IP configurations using Active Directory, LDAP, or Client Certificate LDAP for management authentication with multiple servers are exposed to a vulnerability which allows an authentication bypass. This can result in a complete compromise of the system. This issue...
K01494912: Samba vulnerability CVE-2018-1050
Security Advisory Description All versions of Samba from 4.0.0 onwards are vulnerable to a denial of service attack when the RPC spoolss service is configured to be run as an external daemon. Missing input sanitization checks on some of the input parameters to spoolss RPC calls could cause the...
K30046854: Linux kernel vulnerability CVE-2019-19332
Security Advisory Description An out-of-bounds memory write issue was found in the Linux Kernel, version 3.13 through 5.4, in the way the Linux kernel's KVM hypervisor handled the 'KVMGETEMULATEDCPUID' ioctl2 request to get CPUID features emulated by the KVM hypervisor. A user or process able to...
K28410870: LibTIFF vulnerability CVE-2015-8668
Security Advisory Description Heap-based buffer overflow in the PackBitsPreEncode function in tifpackbits.c in bmp2tiff in libtiff 4.0.6 and earlier allows remote attackers to execute arbitrary code or cause a denial of service via a large width field in a BMP image. CVE-2015-8668 Impact There is...
K82781208: BIG-IP FIX profile vulnerability CVE-2019-6667
Security Advisory Description On BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.1.0-13.1.1.5, 12.1.0-12.1.4.1, and 11.5.1-11.6.5, under certain conditions, TMM may consume excessive resources when processing traffic for a Virtual Server with the FIX Financial Information eXchange...
K14703097: BIG-IP AFM vulnerability CVE-2019-6672
Security Advisory Description When bad-actor detection is configured on a wildcard virtual server on platforms with hardware-based sPVA, the performance of the BIG-IP AFM system is degraded. CVE-2019-6672 Impact The affected BIG-IP AFM system's CPU usage increases and may cause the legitimate...
K23134279: Node.js vulnerability CVE-2016-2216
Security Advisory Description The HTTP header parsing code in Node.js 0.10.x before 0.10.42, 0.11.6 through 0.11.16, 0.12.x before 0.12.10, 4.x before 4.3.0, and 5.x before 5.6.0 allows remote attackers to bypass an HTTP response-splitting protection mechanism via UTF-8 encoded Unicode characters...
K17157: Apache HTTP server vulnerability CVE-2015-0228
Security Advisory Description The luawebsocketread function in luarequest.c in the modlua module in the Apache HTTP Server through 2.4.12 allows remote attackers to cause a denial of service child-process crash by sending a crafted WebSocket Ping frame after a Lua script has called the wsupgrade...
K14432: PHP SOAP wdsl cache file vulnerability CVE-2013-1635
Security Advisory Description PHP does not validate the configuration directive soap.wsdlcachedir before writing SOAP wsdl cache files to the filesystem. Impact An attacker is able to write remote wsdl files to arbitrary locations on an affected system. Security Advisory Status To determine if yo...
K17514331: BIG-IP TMM vulnerability CVE-2022-23020
Security Advisory Description When the 'Respond on Error' setting is enabled on the Request Logging profile and configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel TMM to terminate. CVE-2022-23020 Impact Traffic is disrupted while the TMM process...
K14740: OpenSSH vulnerability CVE-2011-5000
Security Advisory Description The sshgssapiparseename function in gss-serv.c in OpenSSH 5.8 and earlier, when gssapi-with-mic authentication is enabled, allows remote authenticated users to cause a denial of service memory consumption via a large value in a certain length field. NOTE: there may b...
K15310: Data Manager SQL Injection Remote Code Execution vulnerability CVE-2014-2949
Security Advisory Description F5 Data Manager SQL Injection Remote Code Execution Vulnerability. CVE-2014-2949 Impact An authenticated user may potentially execute code. Security Advisory Status F5 Product Development has assigned ID 461853 Data Manager to this vulnerability, and has evaluated th...
K74759095: SafeNet External Network HSM script vulnerability CVE-2017-6165
Security Advisory Description In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM, and WebSafe 11.5.1 HF6 through 11.5.4 HF4, 11.6.0 through 11.6.1 HF1, and 12.0.0 through 12.1.2 on VIPRION platforms only, the script which synchronizes SafeNet External Network HSM...
K24036027: libarchive vulnerability CVE-2016-5844
Security Advisory Description Integer overflow in the ISO parser in libarchive before 3.2.1 allows remote attackers to cause a denial of service application crash via a crafted ISO file. CVE-2016-5844 Impact For BIG-IP and VIPRION platforms that are configured to use Virtual Clustered...
K30502720: Apache Tomcat vulnerability CVE-2021-41079
Security Advisory Description Apache Tomcat 8.5.0 to 8.5.63, 9.0.0-M1 to 9.0.43 and 10.0.0-M1 to 10.0.2 did not properly validate incoming TLS packets. When Tomcat was configured to use NIO+OpenSSL or NIO2+OpenSSL for TLS, a specially crafted packet could be used to trigger an infinite loop...
K09408132: glibc vulnerability CVE-2011-1659
Security Advisory Description Integer overflow in posix/fnmatch.c in the GNU C Library aka glibc or libc6 2.13 and earlier allows context-dependent attackers to cause a denial of service application crash via a long UTF8 string that is used in an fnmatch call with a crafted pattern argument, a...
K11091514: MySQL vulnerability CVE-2016-5626
Security Advisory Description Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to GIS. CVE-2016-5626 Impact There is no impact; F5 products are not affected by this...
K24202220: OpenJDK vulnerability CVE-2019-2894
Security Advisory Description Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Security. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker wi...
K43322910: Linux kernel vulnerability CVE-2017-6135
Security Advisory Description In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and WebSafe software version 13.0.0, a slow memory leak as a result of undisclosed IPv4 or IPv6 packets sent to BIG-IP management port or self IP addresses may lead to out of memory OOM...
K68942513: Java vulnerability CVE-2013-5780
Security Advisory Description Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via...